Do authentication re-tries on HTTP POST There is at least one git server out there (GOGS) that does not require authentication on the initial GET for info/refs?service=git-receive-pack but that _does_ require authentication for the subsequent POST to actually do the push. This occurs on GOGS with public repositories; for private repositories it wants authentication up front. Handle this behavior by adding 401 handling to our POST request. Note that this is suboptimal; we'll re-send the push data at least twice if an authentication failure on POST occurs. It would be much better if the server required authentication up-front in the GET request. Added authentication unit tests (using BASIC auth) to the SmartClientSmartServerTest: - clone with authentication - clone with authentication but lacking CredentialsProvider - clone with authentication and wrong password - clone with authentication after redirect - clone with authentication only on POST, but not on GET Also tested manually in the wild using repositories at try.gogs.io. That server offers only BASIC auth, so the other paths (DIGEST, NEGOTIATE, fall back from DIGEST to BASIC) are untested and I have no way to test them. * public repository: GET unauthenticated, POST authenticated Also tested after clearing the credentials and then entering a wrong password: correctly asks three times during the HTTP POST for user name and password, then gives up. * private repository: authentication already on GET; then gets applied correctly initially to the POST request, which succeeds. Also fix the authentication to use the credentials for the redirected URI if redirects had occurred. We must not present the credentials for the original URI in that case. Consider a malicious redirect A->B: this would allow server B to harvest the user credentials for server A. The unit test for authentication after a redirect also tests for this. Bug: 513043 Change-Id: I97ee5058569efa1545a6c6f6edfd2b357c40592a Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch> Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
An implementation of the Git version control system in pure Java.
This package is licensed under the EDL (Eclipse Distribution License).
JGit can be imported straight into Eclipse, built and tested from there, but the automated builds use Maven.
org.eclipse.jgit
A pure Java library capable of being run standalone, with no additional support libraries. It provides classes to read and write a Git repository and operate on a working directory.
All portions of JGit are covered by the EDL. Absolutely no GPL, LGPL or EPL contributions are accepted within this package.
org.eclipse.jgit.ant
Ant tasks based on JGit.
org.eclipse.jgit.archive
Support for exporting to various archive formats (zip etc).
org.eclipse.jgit.http.apache
Apache httpclient support
org.eclipse.jgit.http.server
Server for the smart and dumb Git HTTP protocol.
org.eclipse.jgit.pgm
Command-line interface Git commands implemented using JGit (“pgm” stands for program).
org.eclipse.jgit.packaging
Production of Eclipse features and p2 repository for JGit. See the JGit Wiki on why and how to use this module.
org.eclipse.jgit.junit
Helpers for unit testing
org.eclipse.jgit.test
Unit tests for org.eclipse.jgit
org.eclipse.jgit.ant.test
org.eclipse.jgit.pgm.test
org.eclipse.jgit.http.test
org.eclipse.jgit.junit.test
No further description needed
Native smbolic links are supported, provided the file system supports them. For Windows you must have Windows Vista/Windows 2008 or newer, use a non-administrator account and have the SeCreateSymbolicLinkPrivilege.
Only the timestamp of the index is used by jgit if the index is dirty.
JGit requires at least a Java 8 JDK.
CRLF conversion is performed depending on the core.autocrlf setting, however Git for Windows by default stores that setting during installation in the “system wide” configuration file. If Git is not installed, use the global or repository configuration for the core.autocrlf setting.
The system wide configuration file is located relative to where C Git is installed. Make sure Git can be found via the PATH environment variable. When installing Git for Windows check the “Run Git from the Windows Command Prompt” option. There are other options like Eclipse settings that can be used for pointing out where C Git is installed. Modifying PATH is the recommended option if C Git is installed.
We try to use the same notation of $HOME as C Git does. On Windows this is often not the same value as the user.home system property.
org.eclipse.jgit/
Read loose and packed commits, trees, blobs, including deltafied objects.
Read objects from shared repositories
Write loose commits, trees, blobs.
Write blobs from local files or Java InputStreams.
Read blobs as Java InputStreams.
Copy trees to local directory, or local directory to a tree.
Lazily loads objects as necessary.
Read and write .git/config files.
Create a new repository.
Read and write refs, including walking through symrefs.
Read, update and write the Git index.
Checkout in dirty working directory if trivial.
Walk the history from a given set of commits looking for commits introducing changes in files under a specified path.
Object transport Fetch via ssh, git, http, Amazon S3 and bundles. Push via ssh, git and Amazon S3. JGit does not yet deltify the pushed packs so they may be a lot larger than C Git packs.
Garbage collection
Merge
Rebase
And much more
org.eclipse.jgit.pgm/
org.eclipse.jgit.ant/
org.eclipse.jgit.archive/
org.eclipse.http.*/
There are some missing features:
Post question, comments or patches to the jgit-dev@eclipse.org mailing list. You need to be subscribed to post, see here:
https://dev.eclipse.org/mailman/listinfo/jgit-dev
See the EGit Contributor Guide:
http://wiki.eclipse.org/EGit/Contributor_Guide
More information about Git, its repository format, and the canonical C based implementation can be obtained from the Git website: