Duplicate creating a git-credentials secret on token fetch (#551)

Duplicate the git-credentials secret creation step on create personal access token secret. Currently this step is performed on workspace provision step but in this case the PAT secret might be initialised when the provision is finished. In order to synchronise the personal access token secret and git credentials secret creation step duplicate the git credentials secret creation step after the PAT secret creation step.
Refactor the get(scmServerUrl) function in the KubernetesPersonalAccessTokenManager class

infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesPersonalAccessTokenManager.java

@@ -232,15 +232,7 @@ public PersonalAccessToken getAndStore(String scmServerUrl)
       throws ScmCommunicationException, ScmConfigurationPersistenceException,
           UnknownScmProviderException, UnsatisfiedScmPreconditionException,
           ScmUnauthorizedException {
-    Subject subject = EnvironmentContext.getCurrent().getSubject();
-    Optional<PersonalAccessToken> tokenOptional = get(subject, scmServerUrl);
-    PersonalAccessToken personalAccessToken;
-    if (tokenOptional.isPresent()) {
-      personalAccessToken = tokenOptional.get();
-    } else {
-      // try to authenticate for the given URL
-      personalAccessToken = fetchAndSave(subject, scmServerUrl);
-    }
+    PersonalAccessToken personalAccessToken = get(scmServerUrl);
     gitCredentialManager.createOrReplace(personalAccessToken);
     return personalAccessToken;
   }

wsmaster/che-core-api-factory-bitbucket-server/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerAuthorizingFileContentProviderTest.java

@@ -44,7 +44,7 @@ public void shouldFetchContentWithTokenIfPresent() throws Exception {
 
     PersonalAccessToken token =
         new PersonalAccessToken(TEST_SCHEME + "://" + TEST_HOSTNAME, "user1", "token");
-    when(personalAccessTokenManager.get(anyString())).thenReturn(token);
+    when(personalAccessTokenManager.getAndStore(anyString())).thenReturn(token);
 
     String fileURL = "https://foo.bar/scm/repo/.devfile";
 
@@ -65,15 +65,16 @@ public void shouldFetchTokenIfNotYetPresent() throws Exception {
 
     PersonalAccessToken token =
         new PersonalAccessToken(TEST_SCHEME + "://" + TEST_HOSTNAME, "user1", "token");
-    when(personalAccessTokenManager.get(eq(TEST_SCHEME + "://" + TEST_HOSTNAME))).thenReturn(token);
+    when(personalAccessTokenManager.getAndStore(eq(TEST_SCHEME + "://" + TEST_HOSTNAME)))
+        .thenReturn(token);
 
     String fileURL = "https://foo.bar/scm/repo/.devfile";
 
     // when
     fileContentProvider.fetchContent(fileURL);
 
     // then
-    verify(personalAccessTokenManager).get(eq(TEST_SCHEME + "://" + TEST_HOSTNAME));
+    verify(personalAccessTokenManager).getAndStore(eq(TEST_SCHEME + "://" + TEST_HOSTNAME));
     verify(urlFetcher).fetch(eq(fileURL), eq("Bearer token"));
   }
 
@@ -95,7 +96,7 @@ public void shouldResolveRelativePaths(String relative, String expected, String
             url, urlFetcher, personalAccessTokenManager);
     PersonalAccessToken token =
         new PersonalAccessToken(TEST_SCHEME + "://" + TEST_HOSTNAME, "user1", "token");
-    when(personalAccessTokenManager.get(anyString())).thenReturn(token);
+    when(personalAccessTokenManager.getAndStore(anyString())).thenReturn(token);
 
     // when
     fileContentProvider.fetchContent(relative);

wsmaster/che-core-api-factory-bitbucket-server/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerScmFileResolverTest.java

@@ -73,7 +73,7 @@ public void checkValidAcceptUrl() {
   public void shouldReturnContentFromUrlFetcher() throws Exception {
     final String rawContent = "raw_content";
     final String filename = "devfile.yaml";
-    when(personalAccessTokenManager.get(anyString()))
+    when(personalAccessTokenManager.getAndStore(anyString()))
         .thenReturn(new PersonalAccessToken(SCM_URL, "root", "token123"));
 
     when(urlFetcher.fetch(anyString(), eq("Bearer token123"))).thenReturn(rawContent);
@@ -87,7 +87,7 @@ public void shouldReturnContentFromUrlFetcher() throws Exception {
   @Test
   public void shouldFetchContentWithoutAuthentication() throws Exception {
     // given
-    when(personalAccessTokenManager.get(anyString()))
+    when(personalAccessTokenManager.getAndStore(anyString()))
         .thenThrow(new ScmUnauthorizedException("message", "bitbucket-server", "v1", "url"));
 
     // when

wsmaster/che-core-api-factory-github/src/test/java/org/eclipse/che/api/factory/server/github/GithubAuthorizingFileContentProviderTest.java

@@ -54,7 +54,7 @@ public void shouldExpandRelativePaths() throws Exception {
     FileContentProvider fileContentProvider =
         new GithubAuthorizingFileContentProvider(githubUrl, urlFetcher, personalAccessTokenManager);
 
-    when(personalAccessTokenManager.get(anyString()))
+    when(personalAccessTokenManager.getAndStore(anyString()))
         .thenReturn(new PersonalAccessToken("foo", "che", "my-token"));
 
     fileContentProvider.fetchContent("devfile.yaml");
@@ -81,7 +81,7 @@ public void shouldPreserveAbsolutePaths() throws Exception {
     FileContentProvider fileContentProvider =
         new GithubAuthorizingFileContentProvider(githubUrl, urlFetcher, personalAccessTokenManager);
 
-    when(personalAccessTokenManager.get(anyString()))
+    when(personalAccessTokenManager.getAndStore(anyString()))
         .thenReturn(new PersonalAccessToken(raw_url, "che", "my-token"));
 
     fileContentProvider.fetchContent(raw_url);
@@ -98,7 +98,8 @@ public void shouldThrowNotFoundForPublicRepos() throws Exception {
     FileContentProvider fileContentProvider =
         new GithubAuthorizingFileContentProvider(githubUrl, urlFetcher, personalAccessTokenManager);
 
-    when(personalAccessTokenManager.get(anyString())).thenThrow(UnknownScmProviderException.class);
+    when(personalAccessTokenManager.getAndStore(anyString()))
+        .thenThrow(UnknownScmProviderException.class);
 
     when(urlFetcher.fetch(eq(url))).thenThrow(FileNotFoundException.class);
 
@@ -114,7 +115,8 @@ public void shouldThrowDevfileException() throws Exception {
     FileContentProvider fileContentProvider =
         new GithubAuthorizingFileContentProvider(githubUrl, urlFetcher, personalAccessTokenManager);
 
-    when(personalAccessTokenManager.get(anyString())).thenThrow(UnknownScmProviderException.class);
+    when(personalAccessTokenManager.getAndStore(anyString()))
+        .thenThrow(UnknownScmProviderException.class);
     when(urlFetcher.fetch(eq(url))).thenThrow(FileNotFoundException.class);
     when(urlFetcher.fetch(eq("https://github.com/eclipse/che"))).thenThrow(IOException.class);
 
@@ -130,7 +132,7 @@ public void shouldNotAskGitHubAPIForDifferentDomain() throws Exception {
     FileContentProvider fileContentProvider =
         new GithubAuthorizingFileContentProvider(githubUrl, urlFetcher, personalAccessTokenManager);
     var personalAccessToken = new PersonalAccessToken(raw_url, "che", "my-token");
-    when(personalAccessTokenManager.get(anyString())).thenReturn(personalAccessToken);
+    when(personalAccessTokenManager.getAndStore(anyString())).thenReturn(personalAccessToken);
 
     fileContentProvider.fetchContent(raw_url);
 

wsmaster/che-core-api-factory-github/src/test/java/org/eclipse/che/api/factory/server/github/GithubScmFileResolverTest.java

@@ -87,7 +87,7 @@ public void shouldReturnContentFromUrlFetcher() throws Exception {
         .thenReturn(rawContent);
 
     lenient()
-        .when(personalAccessTokenManager.get(anyString()))
+        .when(personalAccessTokenManager.getAndStore(anyString()))
         .thenReturn(new PersonalAccessToken("foo", "che", "my-token"));
 
     when(githubApiClient.getLatestCommit(anyString(), anyString(), anyString(), any()))
@@ -106,7 +106,7 @@ public void shouldReturnContentFromUrlFetcher() throws Exception {
   public void shouldReturnContentWithoutAuthentication() throws Exception {
     // given
     lenient()
-        .when(personalAccessTokenManager.get(anyString()))
+        .when(personalAccessTokenManager.getAndStore(anyString()))
         .thenThrow(new ScmUnauthorizedException("message", "github", "v1", "url"));
 
     // when

wsmaster/che-core-api-factory-gitlab/src/test/java/org/eclipse/che/api/factory/server/gitlab/GitlabAuthorizingFileContentProviderTest.java

@@ -36,7 +36,7 @@ public void shouldExpandRelativePaths() throws Exception {
     FileContentProvider fileContentProvider =
         new GitlabAuthorizingFileContentProvider(gitlabUrl, urlFetcher, personalAccessTokenManager);
     var personalAccessToken = new PersonalAccessToken("foo", "che", "my-token");
-    when(personalAccessTokenManager.get(anyString())).thenReturn(personalAccessToken);
+    when(personalAccessTokenManager.getAndStore(anyString())).thenReturn(personalAccessToken);
     fileContentProvider.fetchContent("devfile.yaml");
     verify(urlFetcher)
         .fetch(
@@ -54,7 +54,7 @@ public void shouldPreserveAbsolutePaths() throws Exception {
     String url =
         "https://gitlab.net/api/v4/projects/eclipse%2Fche/repository/files/devfile.yaml/raw";
     var personalAccessToken = new PersonalAccessToken(url, "che", "my-token");
-    when(personalAccessTokenManager.get(anyString())).thenReturn(personalAccessToken);
+    when(personalAccessTokenManager.getAndStore(anyString())).thenReturn(personalAccessToken);
 
     fileContentProvider.fetchContent(url);
     verify(urlFetcher).fetch(eq(url), eq("Bearer my-token"));

wsmaster/che-core-api-factory-gitlab/src/test/java/org/eclipse/che/api/factory/server/gitlab/GitlabScmFileResolverTest.java

@@ -72,7 +72,7 @@ public void checkValidAcceptUrl() {
   public void shouldReturnContentFromUrlFetcher() throws Exception {
     final String rawContent = "raw_content";
     final String filename = "devfile.yaml";
-    when(personalAccessTokenManager.get(any(String.class)))
+    when(personalAccessTokenManager.getAndStore(any(String.class)))
         .thenReturn(new PersonalAccessToken(SCM_URL, "root", "token123"));
 
     when(urlFetcher.fetch(anyString(), eq("Bearer token123"))).thenReturn(rawContent);
@@ -86,7 +86,7 @@ public void shouldReturnContentFromUrlFetcher() throws Exception {
   @Test
   public void shouldFetchContentWithoutAuthentication() throws Exception {
     // given
-    when(personalAccessTokenManager.get(anyString()))
+    when(personalAccessTokenManager.getAndStore(anyString()))
         .thenThrow(new ScmUnauthorizedException("message", "gitlab", "v1", "url"));
 
     // when

wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/AuthorizingFileContentProvider.java

@@ -80,7 +80,7 @@ private String fetchContent(
         String authorization;
         if (isNullOrEmpty(credentials)) {
           PersonalAccessToken token =
-              personalAccessTokenManager.get(remoteFactoryUrl.getProviderUrl());
+              personalAccessTokenManager.getAndStore(remoteFactoryUrl.getProviderUrl());
           authorization =
               formatAuthorization(
                   token.getToken(),

wsmaster/che-core-api-factory/src/test/java/org/eclipse/che/api/factory/server/scm/AuthorizingFactoryParameterResolverTest.java

@@ -48,13 +48,13 @@ public void shouldFetchContentWithAuthentication() throws Exception {
     // given
     when(remoteFactoryUrl.getProviderUrl()).thenReturn("https://provider.url");
     when(urlFetcher.fetch(anyString(), anyString())).thenReturn("content");
-    when(personalAccessTokenManager.get(anyString())).thenReturn(personalAccessToken);
+    when(personalAccessTokenManager.getAndStore(anyString())).thenReturn(personalAccessToken);
 
     // when
     provider.fetchContent("url");
 
     // then
-    verify(personalAccessTokenManager).get(anyString());
+    verify(personalAccessTokenManager).getAndStore(anyString());
   }
 
   @Test