Re: How to Verify the Git Credentials supplied by the User

Hey Junio,

Thanks a lot for the help.

On Mon, 12 Oct 2020 at 23:16, Junio C Hamano <gitster@xxxxxxxxx> wrote:
>
> Deepak Patankar <patankardeepak04@xxxxxxxxx> writes:
>
> > I am writing an application in which we will support git integration.
> > The user will provide us with his/her git credentials so that we can
> > push some files on his git. The git credentials which user will supply
> > can be
> >
> > HTTP (Username and Password/ Kerberos)
> > SSH
> >
> > Before saving the user credentials I want to validate that the
> > credentials entered are valid.
>
> It obviously depends on the remote side, but a relatively safe thing
> to try is to run things like "ls-remote" or "push --dry-run" that
> will not cause any actual damage against the remote, and see if your
> authentication fails.
>
> But you might be asking an XY question.  I would expect that any
> reasonable application that manages authentication material for the
> user and drives "git fetch" and "git push" would act as a credential
> helper and uses the credential protocol to talk to Git, so it will
> learn an authentication failure upon the first use, at which point
> it has the chance to drop the authentication material it obtained
> earlier and ask the user for the corrected one---there is no need
> for the application to see if the authentication material is correct
> before the user does anything else.
>

My previous email was confusing. I will be doing the authentication
check the way you described above, i.e. it will be done only once and
I won't do it again and again before each operation.


I can use the "ls-remote", "push --dry-run" command you suggested, but
I have a use case which I don't know how to solve.
The above commands require a repository. In our application, the user
can give the following details

Git Details:
   Account URL:  https://github.com/OpenPrinting
   UserName: deepakpatankar
   password: ***********

In this case, we don't know the repo name. At this step, I just know
the account and the credentials of the user; later on the user will
provide me with the repo name to which he wants to sync his file.

Since I don't know the repository, I cannot do "git fetch" or "git
push --dry-run". Can I check these credentials with some
logic or git commands?


Thanks
Deepak Patankar

On Tue, 13 Oct 2020 at 10:25, Deepak Patankar
<patankardeepak04@xxxxxxxxx> wrote:
>
> Hey Junio,
>
> Thanks a lot for the help.
>
> On Mon, 12 Oct 2020 at 23:16, Junio C Hamano <gitster@xxxxxxxxx> wrote:
> >
> > Deepak Patankar <patankardeepak04@xxxxxxxxx> writes:
> >
> > > I am writing an application in which we will support git integration.
> > > The user will provide us with his/her git credentials so that we can
> > > push some files on his git. The git credentials which user will supply
> > > can be
> > >
> > > HTTP (Username and Password/ Kerberos)
> > > SSH
> > >
> > > Before saving the user credentials I want to validate that the
> > > credentials entered are valid.
> >
> > It obviously depends on the remote side, but a relatively safe thing
> > to try is to run things like "ls-remote" or "push --dry-run" that
> > will not cause any actual damage against the remote, and see if your
> > authentication fails.
> >
> > But you might be asking an XY question.  I would expect that any
> > reasonable application that manages authentication material for the
> > user and drives "git fetch" and "git push" would act as a credential
> > helper and uses the credential protocol to talk to Git, so it will
> > learn an authentication failure upon the first use, at which point
> > it has the chance to drop the authentication material it obtained
> > earlier and ask the user for the corrected one---there is no need
> > for the application to see if the authentication material is correct
> > before the user does anything else.
> >
>
> My previous email was confusing. I will be doing the authentication
> check the way you described above
> i.e. it will be done only once and I won't do it again and again
> before each operation.
>
>
> I can use the "ls-remote", "push --dry-run" command you suggested, but
> I have a use case which I don't know how to solve.
> The above commands require a repository. In our application, the user
> can give the following details
>
> Git Details:
>    Account URL:  https://github.com/OpenPrinting
>    UserName: deepakpatankar
>    password: ***********
>
> In this case, we don't know the repo name. At this step, I just know
> the account and the credentials of the user, later on
> the user will provide me with the repo name to which he wants to sync his file.
>
> Since I don't know the repository, I cannot do "git fetch" or "git
> push --dry-run". Can I check these credentials with some
> logic or git commands?
>
>
> Thanks
> Deepak Patankar
>
>
>
> >
> > > The user might be using GitHub/BitBucket/GitLab. I am trying to find
> > > some git command which I can use to validate the credentials. Can you
> > > please point me to some command/logic which I can try?
> > >
> > > What I have tried?
> > > I tried git ls-remote command, but it requires the repo name/url. In
> > > one of our use case, the user won't specify the repository name
> > > beforehand. Because of which I am not able to use this command.
> >
> > This assumes there always is a single authentication material
> > regardless of the URL, which is probably not a good security posture
> > to encourage the users to adopt.
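
The credential-helper approach described in the quoted reply above, sketched as an added example (not code from this thread or from the Git project). It handles the get/store/erase actions of Git's credential protocol and keeps one entry per (protocol, host) rather than a single secret for every URL; STORE, NEEDS_REPROMPT, handle and the sample user and secret are hypothetical names and constructed values.

```python
#!/usr/bin/env python3
"""Sketch of a Git credential helper (added example; names are hypothetical)."""
import sys

# Constructed in-memory store keyed by (protocol, host); a real application
# would back this with its own encrypted secret storage.
STORE = {("https", "github.com"): ("example-user", "constructed-secret")}
NEEDS_REPROMPT = set()  # keys whose credentials the remote rejected


def parse_attrs(text):
    """Parse the key=value lines Git sends on stdin, stopping at a blank line."""
    attrs = {}
    for line in text.splitlines():
        if not line:
            break
        key, sep, value = line.partition("=")
        if sep:
            attrs[key] = value
    return attrs


def handle(action, text):
    """Process one helper invocation and return the text to write to stdout."""
    attrs = parse_attrs(text)
    key = (attrs.get("protocol"), attrs.get("host"))
    if action == "get":
        if key not in STORE:
            return ""  # nothing known for this host; Git tries other sources
        user, password = STORE[key]
        return f"username={user}\npassword={password}\n"
    if action == "store":  # sent after the remote accepted the credentials
        if "username" in attrs and "password" in attrs:
            STORE[key] = (attrs["username"], attrs["password"])
            NEEDS_REPROMPT.discard(key)
    elif action == "erase":  # sent after the remote rejected the credentials
        stored = STORE.get(key)
        # Only drop the entry if it is the one Git reports as rejected.
        if stored and attrs.get("username", stored[0]) == stored[0]:
            del STORE[key]
            NEEDS_REPROMPT.add(key)  # the application should ask the user again
    return ""


if __name__ == "__main__":
    sys.stdout.write(handle(sys.argv[1], sys.stdin.read()))
```

Git invokes such a script when it is named in the credential.helper configuration; setting GIT_TERMINAL_PROMPT=0 keeps a non-interactive "git ls-remote" from falling back to a terminal prompt when the helper returns nothing.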


