Alternative authentication methods

[ontonn]

Hi Steve!

First of all, big thanks for this library, I've found it really useful.

I've been trying to find an alternative authentication method other than putting credentials in the URL, as I'm concerned about creds ending up in some HTTP log. I tried playing around with credential helpers and managed to create a custom one that just echoes predefined creds, and then I tried passing it to simple-git as a per-command config but that didn't work unfortunately.

So, I was wondering if there's an alternative I'm missing or otherwise if I may work on this issue myself and send you a pull request. Thanks!

Sincerely,
Anton Matveev

[steveukx]

Hi Anton, thanks for opening the issue.

To look into this for you, please can you include the code you're using the set up the credential helper with simple-git (and if you have this working when using git directly in a terminal, the command you use there).

Thanks

[ontonn]

Sure!

Here's a git command that works for me:

git clone https://some-origin.com/some/repo.git -c credential.https://some-origin.com.helper='!f() { echo username=JohnDoe && echo password=SecretPassword; }; f'

Note, that on Mac after I run this commmand, it saves those creds to the keychain, so make sure to remove them from there if you wanna test further.

Here's what I'm doing in JS with the library:

const repoUrl = "https://some-origin.com/some/repo.git";
const username = "JohnDoe";
const password = "SecretPassword";
const repoPath = "/some/local/path";
const simpleGit = require( "simple-git" );

const url = new URL( repoUrl );
const authConfig = `credential.${url.origin}.helper='!f() { echo username=${username} && echo password=${password}; }; f'`;
const gitClient = simpleGit( {
  config : [ authConfig ]
} );
await gitClient.clone( repoUrl, repoPath );

I have also tried providing the config directly to the command like that:

await gitClient.clone( repoUrl, repoPath, [ "-c", authConfig ] );

In both cases, in node's process console, git prompts me for credentials in interactive mode, as if there wasn't a helper.

Hope I didn't make some stupid typo in the JS code...