Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Impossible to push to Azure repository using Person Access Token #2041

Open
TackyTortoise opened this issue Jun 6, 2023 · 2 comments
Open

Impossible to push to Azure repository using Person Access Token #2041

TackyTortoise opened this issue Jun 6, 2023 · 2 comments

Comments

@TackyTortoise
Copy link

TackyTortoise commented Jun 6, 2023
edited

My problem is described perfectly here, but I don't think the solution is the correct one, since that would use the credentials stored on the computer as far as I'm aware.

When making git requests to an azure repository with a PAT, it is expected to be passed along as a custom header. (see documentation).

This is possible when doing a Clone operation, since CloneOptions contains FetchOptions, which allows us to set custom headers.

So a clone is perfectly possible as follows:

string encodedToken = Convert.ToBase64String(Encoding.UTF8.GetBytes($":{credentials.PersonalAccessToken}"));
var fetchOptions = new FetchOptions
{
    CustomHeaders = new[] {
        $"Authorization: Basic {encodedToken}"
    }
};
var options = new CloneOptions
{
    CredentialsProvider = (url, usernameFromUrl, types) =>
                    new UsernamePasswordCredentials()
                    {
                        Username = credentials.UserName,
                        Password = credentials.PersonalAccessToken
                    },
    FetchOptions = fetchOptions,
    BranchName = branchName,
    Checkout = true,
    OnCheckoutProgress = (path, completedSteps, totalSteps) =>
        Logger.LogInformation("Clone progress {completed} / {total}", completedSteps, totalSteps),
    RepositoryOperationCompleted = (context) =>
        Logger.LogInformation("Clone completed"),
};

Repository.Clone(Remote, WorkingDirectory, options);

However, when trying to push to this same repository, PushOptions does not expose something similar to include the PAT as header, even though it is stored in the internal data structure since #1233 .

Using the provided example from the wiki
I get the following error:
Unhandled exception: too many redirects or authentication replays | LibGit2Sharp.LibGit2SharpException | too many redirects or authentication replays
Which is the exact same error I was getting when trying to clone without the added custom header.

As far as I can see, there is a PR open that would fix this, but it is not yet merged in: #2011
@Rpatil3g
Copy link

Rpatil3g commented Jul 7, 2023

Please check TLS protocol of your system. it should be 1.2, as Azure has removed support for TLS below 1.2. here is link to set TLS 1.2 https://learn.microsoft.com/en-us/mem/configmgr/core/plan-design/security/enable-tls-1-2-client

@James-LG James-LG mentioned this issue Jul 25, 2023
Merged
@bording
Copy link
Member

bording commented Nov 4, 2023

Custom headers for PushOptions are now available in LibGit2Sharp 0.28.0.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@bording @TackyTortoise @Rpatil3g