@@ -517,4 +517,45 @@ test_expect_success 'server-side error detected' '
test_i18ngrep "server-side error" actual
'
+test_expect_success 'http auth remembers successful credentials' '
+ rm -f .git-credentials &&
+ test_config credential.helper store &&
+
+ # the first request prompts the user...
+ set_askpass user@host pass@host &&
+ git ls-remote "$HTTPD_URL/auth/smart/repo.git" >/dev/null &&
+ expect_askpass both user@host &&
+
+ # ...and the second one uses the stored value rather than
+ # prompting the user.
+ set_askpass bogus-user bogus-pass &&
+ git ls-remote "$HTTPD_URL/auth/smart/repo.git" >/dev/null &&
+ expect_askpass none
+'
+
+test_expect_failure 'http auth forgets bogus credentials' '
+ # seed credential store with bogus values. In real life,
+ # this would probably come from a password which worked
+ # for a previous request.
+ rm -f .git-credentials &&
+ test_config credential.helper store &&
+ {
+ echo "url=$HTTPD_URL" &&
+ echo "username=bogus" &&
+ echo "password=bogus"
+ } | git credential approve &&
+
+ # we expect this to use the bogus values and fail, never even
+ # prompting the user...
+ set_askpass user@host pass@host &&
+ test_must_fail git ls-remote "$HTTPD_URL/auth/smart/repo.git" >/dev/null &&
+ expect_askpass none &&
+
+ # ...but now we should have forgotten the bad value, causing
+ # us to prompt the user again.
+ set_askpass user@host pass@host &&
+ git ls-remote "$HTTPD_URL/auth/smart/repo.git" >/dev/null &&
+ expect_askpass both user@host
+'
+
test_done
We test authentication with http, and we independently test that credential helpers work, but we don't have any tests that cover the two features working together. Let's add two: 1. Make sure that a successful request asks the helper to save the credential. This works as expected. 2. Make sure that a failed request asks the helper to forget the credential. This is marked as expect_failure, as it was recently regressed by 1b0d9545bb (remote-curl: fall back to basic auth if Negotiate fails, 2021-03-22). The symptom here is that the second request should prompt the user, but doesn't. Signed-off-by: Jeff King <peff@peff.net> --- t/t5551-http-fetch-smart.sh | 41 +++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+)