Remember HTTPS password throughout a sync operation (#1062)

* Remember HTTPS password throughout a sync operation

* Add CHANGELOG.md entry

Co-authored-by: Harsh Shandilya <[email protected]>
(cherry picked from commit cba0bc2)
Signed-off-by: Harsh Shandilya <[email protected]>

Author: FabianHenneke

CHANGELOG.md

@@ -4,6 +4,10 @@ All notable changes to this project will be documented in this file.
 
 ## [Unreleased]
 
+### Fixed
+
+-   Delete stored HTTPS password on connection errors (such as failed authentication)
+
 ## [1.11.2] - 2020-08-24
 
 ### Fixed

app/src/main/java/com/zeapo/pwdstore/git/operation/GitOperation.kt

@@ -51,15 +51,21 @@ abstract class GitOperation(gitDir: File, internal val callingActivity: Fragment
     protected val git = Git(repository)
     protected val remoteBranch = GitSettings.branch
 
-    private class PasswordFinderCredentialsProvider(private val passwordFinder: PasswordFinder) : CredentialsProvider() {
+    private class HttpsCredentialsProvider(private val passwordFinder: PasswordFinder) : CredentialsProvider() {
+
+        private var cachedPassword: CharArray? = null
 
         override fun isInteractive() = true
 
         override fun get(uri: URIish?, vararg items: CredentialItem): Boolean {
             for (item in items) {
                 when (item) {
                     is CredentialItem.Username -> item.value = uri?.user
-                    is CredentialItem.Password -> item.value = passwordFinder.reqPassword(null)
+                    is CredentialItem.Password -> {
+                        item.value = cachedPassword?.clone() ?: passwordFinder.reqPassword(null).also {
+                            cachedPassword = it.clone()
+                        }
+                    }
                     else -> UnsupportedCredentialItem(uri, item.javaClass.name)
                 }
             }
@@ -69,12 +75,17 @@ abstract class GitOperation(gitDir: File, internal val callingActivity: Fragment
         override fun supports(vararg items: CredentialItem) = items.all {
             it is CredentialItem.Username || it is CredentialItem.Password
         }
+
+        override fun reset(uri: URIish?) {
+            cachedPassword?.fill(0.toChar())
+            cachedPassword = null
+        }
     }
 
     private fun withPasswordAuthentication(passwordFinder: InteractivePasswordFinder): GitOperation {
         val sessionFactory = SshjSessionFactory(SshAuthData.Password(passwordFinder), hostKeyFile)
         SshSessionFactory.setInstance(sessionFactory)
-        this.provider = PasswordFinderCredentialsProvider(passwordFinder)
+        this.provider = HttpsCredentialsProvider(passwordFinder)
         return this
     }