Do not encode access token for git-credentials secrets #745
[APPROVALNOTIFIER] This PR is NOT APPROVED
This pull-request has been approved by: vinokurig
The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
@@ -154,7 +152,7 @@ public void createOrReplace(PersonalAccessToken personalAccessToken) | |||
"%s://%s:%s@%s%s", | |||
scmUrl.getProtocol(), | |||
getUsernameSegment(personalAccessToken), | |||
URLEncoder.encode(personalAccessToken.getToken(), UTF_8), | |||
personalAccessToken.getToken(), |
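Review bot: at the changed argument in `createOrReplace`, `personalAccessToken.getToken()` now goes into the password slot of `"%s://%s:%s@%s%s"` with no escaping, so a token containing `@`, `:`, `/` or `#` changes where the userinfo ends and the host begins in the stored credentials line. The `URLEncoder.encode(..., UTF_8)` call was not a clean fit either, because it produces form encoding (a space becomes `+`) rather than URL percent-encoding. Suggest percent-encoding only the token for the userinfo position instead of dropping escaping altogether, and adding a unit test that calls `createOrReplace` with a token containing those characters.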
We have to know why previously it was done in that way.
This was added a long time ago by @mshaposhnik, I don't think we can find the reason.
Hey guys,
it was done so cuz sometimes tokens may contain symbols which are disallowed or bad to use in URLs (like @, :, # etc.)
see https://serverfault.com/a/1001324
Thanks @mshaposhnik for the explanation, looks like we would need to find a better solution
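The trade-off discussed in the review thread above, as an added example that is not part of the PR or the project's code: it builds a credentials line with the hunk's format string from a raw token, a `URLEncoder.encode` token and an RFC 3986 percent-encoded token, then checks whether the token can be read back. The class, the helper names, the host and the tokens are hypothetical, and `java.net.URI` stands in for whatever consumer reads the stored line.

```java
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.function.UnaryOperator;

public class CredentialUrlRoundTrip {
  static final String HOST = "bitbucket.example.test"; // constructed host

  // RFC 3986 percent-encoding: keep only unreserved characters literal.
  static String percentEncode(String s) {
    StringBuilder out = new StringBuilder();
    for (byte b : s.getBytes(StandardCharsets.UTF_8)) {
      int c = b & 0xff;
      boolean unreserved = (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z')
          || (c >= '0' && c <= '9') || "-._~".indexOf(c) >= 0;
      out.append(unreserved ? String.valueOf((char) c) : String.format("%%%02X", c));
    }
    return out.toString();
  }

  // Same format string as the hunk; scheme, user and path are fixed placeholders.
  static String credentialLine(String tokenSegment) {
    return String.format("%s://%s:%s@%s%s", "https", "user", tokenSegment, HOST, "/");
  }

  // Assumption: the consumer percent-decodes the userinfo the way java.net.URI does.
  static boolean roundTrips(String token, UnaryOperator<String> encoder) {
    try {
      URI uri = new URI(credentialLine(encoder.apply(token)));
      String userInfo = uri.getUserInfo(); // decoded "user:password", or null
      return HOST.equals(uri.getHost()) && userInfo != null
          && token.equals(userInfo.substring(userInfo.indexOf(':') + 1));
    } catch (URISyntaxException e) {
      return false; // the line is not a valid URI at all
    }
  }

  public static void main(String[] args) {
    // Constructed tokens, not real credentials.
    for (String token : new String[] {"abc123", "ab/cd+ef", "ab@cd:ef#gh", "ab cd"}) {
      System.out.printf("%-12s raw=%-5b formEncoded=%-5b percentEncoded=%b%n", token,
          roundTrips(token, t -> t),
          roundTrips(token, t -> URLEncoder.encode(t, StandardCharsets.UTF_8)),
          roundTrips(token, CredentialUrlRoundTrip::percentEncode));
    }
  }
}
```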
What does this PR do?
Do not encode access token for git-credentials secrets
Screenshot/screencast of this PR
What issues does this PR fix or reference?
https://issues.redhat.com/browse/CRW-4560
How to test this PR?
The fix resolves a problem that cannot be reproduced permanently. Since the fix changes the OAuth logic, we need to test all possible OAuth-related cases.
PR Checklist
As the author of this Pull Request I made sure that:
`What issues does this PR fix or reference` and `How to test this PR` completed
Release Notes
This fix resolves a bug where a project is not cloned if a personal access token generated from Bitbucket Server contains special characters.
Reviewers
Reviewers, please comment how you tested the PR when approving it.