Merge pull request #17 from GRAPHISOFT/gs-lfs-password-auth

GS-mcsapo · web-flow · commit 36b651af3ea4 · 2026-02-24T14:34:12.000+01:00
Fix password based authentication for LFS
diff --git a/p4-fusion/lfs/communication/lfscomm.cc b/p4-fusion/lfs/communication/lfscomm.cc
@@ -369,7 +369,7 @@ BatchResponse PerformBatchUploadRequest(const std::string& serverUrl, const Cred
 	return result;
 }
 
-Communicator::UploadResult PerformUpload(const std::string& uploadUrl, const std::vector<char>& fileContents, const std::map<std::string, std::string>& actionHeaders)
+Communicator::UploadResult PerformUpload(const std::string& uploadUrl, const std::vector<char>& fileContents, const std::map<std::string, std::string>& actionHeaders, const Credentials& auth = Credentials())
 {
 	// Initialize curl
 	CURLHandle curl;
@@ -390,11 +390,13 @@ Communicator::UploadResult PerformUpload(const std::string& uploadUrl, const std
 		uploadHeaders = curl_slist_append(uploadHeaders, "Accept: application/vnd.git-lfs");
 	}
 
+	const Credentials& authToUse = (actionHeaders.find("Authorization") == actionHeaders.end()) ? auth : Credentials();
+
 	// Add action-specific headers from the batch response
 	uploadHeaders = CreateHeadersFromMap(actionHeaders, uploadHeaders);
 
 	RequestResult uploadResult = {};
-	SetupRequest(curl.get(), uploadUrl, fileContents.data(), fileContents.size(), uploadHeaders, &uploadResult);
+	SetupRequest(curl.get(), uploadUrl, fileContents.data(), fileContents.size(), uploadHeaders, &uploadResult, authToUse);
 	curl_easy_setopt(curl.get(), CURLOPT_CUSTOMREQUEST, "PUT");
 
 	uploadResult = PerformRequestWithRetry([&]() -> RequestResult
@@ -436,7 +438,7 @@ std::string CreateVerifyPayload(const std::string& oid, size_t fileSize)
 	return verifyBuffer.GetString();
 }
 
-bool PerformVerify(const std::string& verifyUrl, const std::string& oid, size_t fileSize, const std::map<std::string, std::string>& actionHeaders)
+bool PerformVerify(const std::string& verifyUrl, const std::string& oid, size_t fileSize, const std::map<std::string, std::string>& actionHeaders, const Credentials& auth = Credentials())
 {
 	CURLHandle curl;
 	if (!curl)
@@ -451,10 +453,10 @@ bool PerformVerify(const std::string& verifyUrl, const std::string& oid, size_t
 	// Add action-specific headers from the batch response
 	verifyHeaders = CreateHeadersFromMap(actionHeaders, verifyHeaders);
 
-	// Perform request without authentication (headers from action should contain auth)
-	RequestResult verifyResult = {};
-	SetupRequest(curl.get(), verifyUrl, verifyPayload.data(), verifyPayload.size(), verifyHeaders, &verifyResult);
+	const Credentials& authToUse = (actionHeaders.find("Authorization") == actionHeaders.end()) ? auth : Credentials();
 
+	RequestResult verifyResult = {};
+	SetupRequest(curl.get(), verifyUrl, verifyPayload.data(), verifyPayload.size(), verifyHeaders, &verifyResult, authToUse);
 	verifyResult = PerformRequestWithRetry([&]() -> RequestResult
 	    {
 		    verifyResult.curl_result = curl_easy_perform(curl.get());
@@ -492,15 +494,15 @@ Communicator::UploadResult LFSComm::UploadFile(const std::vector<char>& fileCont
 		return UploadResult::AlreadyExists;
 	}
 
-	auto uploadResult = PerformUpload(batchResponse.uploadUrl, fileContents, batchResponse.uploadHeaders);
+	auto uploadResult = PerformUpload(batchResponse.uploadUrl, fileContents, batchResponse.uploadHeaders, m_Creds);
 	if (uploadResult != UploadResult::Uploaded)
 	{
 		return uploadResult;
 	}
 
 	if (!batchResponse.verifyUrl.empty())
 	{
-		if (!PerformVerify(batchResponse.verifyUrl, oid, fileContents.size(), batchResponse.verifyHeaders))
+		if (!PerformVerify(batchResponse.verifyUrl, oid, fileContents.size(), batchResponse.verifyHeaders, m_Creds))
 		{
 			return UploadResult::Error;
 		}

Original file line number	Diff line number	Diff line change
`@@ -369,7 +369,7 @@ BatchResponse PerformBatchUploadRequest(const std::string& serverUrl, const Cred`
`369`	`369`	`return result;`
`370`	`370`	`}`
`371`	`371`
`372`		`-Communicator::UploadResult PerformUpload(const std::string& uploadUrl, const std::vector<char>& fileContents, const std::map<std::string, std::string>& actionHeaders)`
	`372`	`+Communicator::UploadResult PerformUpload(const std::string& uploadUrl, const std::vector<char>& fileContents, const std::map<std::string, std::string>& actionHeaders, const Credentials& auth = Credentials())`
`373`	`373`	`{`
`374`	`374`	`// Initialize curl`
`375`	`375`	`CURLHandle curl;`
`@@ -390,11 +390,13 @@ Communicator::UploadResult PerformUpload(const std::string& uploadUrl, const std`
`390`	`390`	`uploadHeaders = curl_slist_append(uploadHeaders, "Accept: application/vnd.git-lfs");`
`391`	`391`	`}`
`392`	`392`
	`393`	`+ const Credentials& authToUse = (actionHeaders.find("Authorization") == actionHeaders.end()) ? auth : Credentials();`
	`394`	`+`
`393`	`395`	`// Add action-specific headers from the batch response`
`394`	`396`	`uploadHeaders = CreateHeadersFromMap(actionHeaders, uploadHeaders);`
`395`	`397`
`396`	`398`	`RequestResult uploadResult = {};`
`397`		`- SetupRequest(curl.get(), uploadUrl, fileContents.data(), fileContents.size(), uploadHeaders, &uploadResult);`
	`399`	`+ SetupRequest(curl.get(), uploadUrl, fileContents.data(), fileContents.size(), uploadHeaders, &uploadResult, authToUse);`
`398`	`400`	`curl_easy_setopt(curl.get(), CURLOPT_CUSTOMREQUEST, "PUT");`
`399`	`401`
`400`	`402`	`uploadResult = PerformRequestWithRetry([&]() -> RequestResult`
`@@ -436,7 +438,7 @@ std::string CreateVerifyPayload(const std::string& oid, size_t fileSize)`
`436`	`438`	`return verifyBuffer.GetString();`
`437`	`439`	`}`
`438`	`440`
`439`		`-bool PerformVerify(const std::string& verifyUrl, const std::string& oid, size_t fileSize, const std::map<std::string, std::string>& actionHeaders)`
	`441`	`+bool PerformVerify(const std::string& verifyUrl, const std::string& oid, size_t fileSize, const std::map<std::string, std::string>& actionHeaders, const Credentials& auth = Credentials())`
`440`	`442`	`{`
`441`	`443`	`CURLHandle curl;`
`442`	`444`	`if (!curl)`
`@@ -451,10 +453,10 @@ bool PerformVerify(const std::string& verifyUrl, const std::string& oid, size_t`
`451`	`453`	`// Add action-specific headers from the batch response`
`452`	`454`	`verifyHeaders = CreateHeadersFromMap(actionHeaders, verifyHeaders);`
`453`	`455`
`454`		`- // Perform request without authentication (headers from action should contain auth)`
`455`		`- RequestResult verifyResult = {};`
`456`		`- SetupRequest(curl.get(), verifyUrl, verifyPayload.data(), verifyPayload.size(), verifyHeaders, &verifyResult);`
	`456`	`+ const Credentials& authToUse = (actionHeaders.find("Authorization") == actionHeaders.end()) ? auth : Credentials();`
`457`	`457`
	`458`	`+ RequestResult verifyResult = {};`
	`459`	`+ SetupRequest(curl.get(), verifyUrl, verifyPayload.data(), verifyPayload.size(), verifyHeaders, &verifyResult, authToUse);`
`458`	`460`	`verifyResult = PerformRequestWithRetry([&]() -> RequestResult`
`459`	`461`	`{`
`460`	`462`	`verifyResult.curl_result = curl_easy_perform(curl.get());`
`@@ -492,15 +494,15 @@ Communicator::UploadResult LFSComm::UploadFile(const std::vector<char>& fileCont`
`492`	`494`	`return UploadResult::AlreadyExists;`
`493`	`495`	`}`
`494`	`496`
`495`		`- auto uploadResult = PerformUpload(batchResponse.uploadUrl, fileContents, batchResponse.uploadHeaders);`
	`497`	`+ auto uploadResult = PerformUpload(batchResponse.uploadUrl, fileContents, batchResponse.uploadHeaders, m_Creds);`
`496`	`498`	`if (uploadResult != UploadResult::Uploaded)`
`497`	`499`	`{`
`498`	`500`	`return uploadResult;`
`499`	`501`	`}`
`500`	`502`
`501`	`503`	`if (!batchResponse.verifyUrl.empty())`
`502`	`504`	`{`
`503`		`- if (!PerformVerify(batchResponse.verifyUrl, oid, fileContents.size(), batchResponse.verifyHeaders))`
	`505`	`+ if (!PerformVerify(batchResponse.verifyUrl, oid, fileContents.size(), batchResponse.verifyHeaders, m_Creds))`
`504`	`506`	`{`
`505`	`507`	`return UploadResult::Error;`
`506`	`508`	`}`