Bitbucket Server Support: Fix storing of Bitbucker Server credentials. Save with and without usernames since BbS doesn't generally include them in its Git URLs

mminns · mminns · commit 080712b5cfba · 2020-06-26T09:50:40.000+01:00
diff --git a/.vscode/launch.json b/.vscode/launch.json
@@ -16,6 +16,18 @@
             "console": "integratedTerminal",
             "stopAtEntry": false,
         },
+        {
+            "name": "Git Credential Manager (store)",
+            "type": "coreclr",
+            "request": "launch",
+            "preLaunchTask": "build",
+            // If you have changed target frameworks, make sure to update the program path.
+            "program": "${workspaceFolder}/out/shared/Git-Credential-Manager/bin/Debug/netcoreapp3.1/git-credential-manager-core.dll",
+            "args": ["store"],
+            "cwd": "${workspaceFolder}/out/shared/Git-Credential-Manager",
+            "console": "integratedTerminal",
+            "stopAtEntry": false,
+        },
         {
             "name": ".NET Core Attach",
             "type": "coreclr",
diff --git a/src/shared/Atlassian.Bitbucket/BitbucketHostProvider.cs b/src/shared/Atlassian.Bitbucket/BitbucketHostProvider.cs
@@ -56,7 +56,7 @@ public async Task<ICredential> GetCredentialAsync(InputArguments input)
 
             // We should not allow unencrypted communication and should inform the user
             if (StringComparer.OrdinalIgnoreCase.Equals(input.Protocol, "http")
-                && targetUri.Host.Equals(BitbucketConstants.BitbucketBaseUrlHost))
+                && !IsBitbucketServer(targetUri))
             {
                 throw new Exception("Unencrypted HTTP is not supported for Bitbucket. Ensure the repository remote URL is using HTTPS.");
             }
@@ -184,6 +184,19 @@ public Task StoreCredentialAsync(InputArguments input)
             _context.CredentialStore.AddOrUpdate(credentialKey, credential);
             _context.Trace.WriteLine("Credential was successfully stored.");
 
+            Uri targetUri = GetTargetUri(input);
+            if(IsBitbucketServer(targetUri))
+            {
+                // BBS doesn't usually include the username in the urls which means they aren't included in the GET call, 
+                // which means if we store only with the username the credentials are never found again ...
+                // This does have the potential to overwrite itself for different BbS accounts, 
+                // but typically BbS doesn't encourage multiple user accounts
+                string bbsCredentialKey = GetBbSCredentialKey(input);
+                _context.Trace.WriteLine($"Storing Bitbucket Server credential with key '{bbsCredentialKey}'...");
+                _context.CredentialStore.AddOrUpdate(bbsCredentialKey, credential);
+                _context.Trace.WriteLine("Bitbucket Server Credential was successfully stored.");
+            }
+
             return Task.CompletedTask;
         }
 
@@ -223,9 +236,9 @@ private async Task<string> ResolveOAuthUserNameAsync(string accessToken)
 
         private async Task<bool> RequiresTwoFactorAuthenticationAsync(ICredential credentials, Uri targetUri)
         {
-            if(!targetUri.Host.Equals(BitbucketConstants.BitbucketBaseUrlHost))
+            if(IsBitbucketServer(targetUri))
             {
-                // BBS
+                // BBS does not support 2FA out of the box so neither does GCM
                 return false;
             }
 
@@ -264,6 +277,21 @@ private string GetCredentialKey(InputArguments input)
             return $"git:{url}";
         }
 
+        private string GetBbSCredentialKey(InputArguments input)
+        {
+            // The credential (user/pass or an OAuth access token) key is the full target URI.
+            // If the full path is included (credential.useHttpPath = true) then respect that.
+            string url = GetBbsTargetUri(input).AbsoluteUri;
+
+            // Trim trailing slash
+            if (url.EndsWith("/"))
+            {
+                url = url.Substring(0, url.Length - 1);
+            }
+
+            return $"git:{url}";
+        }
+
         private string GetRefreshTokenKey(InputArguments input)
         {
             Uri targetUri = GetTargetUri(input);
@@ -304,6 +332,23 @@ private static Uri GetTargetUri(InputArguments input)
             return uri;
         }
 
+        private static Uri GetBbsTargetUri(InputArguments input)
+        {
+            Uri uri = new UriBuilder
+            {
+                Scheme = input.Protocol,
+                Host = input.Host,
+                Path = input.Path
+            }.Uri;
+
+            return uri;
+        }
+
+        private bool IsBitbucketServer(Uri targetUri)
+        {
+            return !targetUri.Host.Equals(BitbucketConstants.BitbucketBaseUrlHost);
+        }
+
         #endregion
 
         public void Dispose()
