Forge uses APIHOST including full url for auth-source-search bugging passwords-store

[Thaodan]

Preconditions

• auth-source-pass-extra-query-keywords set to t
  • This option can be enabled to deal with usernames that contain [email protected] for other hosts to not break retrieving secrets for user foo
    on bar.host.
• password-store inside auth-sources.

Environment

• Magit-version: 4.1.1-3-gf7e20b84
  Same for All dependencies
• Emacs 31.x
• OpenSUSE Tumbleweed

Expected

Secret is found.

Observed

Forge uses the full url that includes not just the host for Gitlab based Forges. Forge should not use the full url to retrieve passwords I think.

Backtrace

Debugger entered--Lisp error: (error "Required Gitlab token (\"Thaodan^forge\" for \"gitlab.com/api/v4\") does not exist.\nSee https://magit.vc/manual/ghub/Getting-Started.html\nor (info \"(ghub)Getting Started\") for instructions.\n(The setup wizard no longer exists.)")
  apply(debug (error (error "Required Gitlab token (\"Thaodan^forge\" for \"gitlab.com/api/v4\") does not exist.\nSee https://magit.vc/manual/ghub/Getting-Started.html\nor (info \"(ghub)Getting Started\") for instructions.\n(The setup wizard no longer exists.)")))
  transient--exit-and-debug(error (error "Required Gitlab token (\"Thaodan^forge\" for \"gitlab.com/api/v4\") does not exist.\nSee https://magit.vc/manual/ghub/Getting-Started.html\nor (info \"(ghub)Getting Started\") for instructions.\n(The setup wizard no longer exists.)"))
  error("Required %s token (\"%s\" for \"%s\") does not exist.\nSee https://magit.vc/manual/ghub/Getting-Started.html\nor (info \"(ghub)Getting Started\") for instructions.\n(The setup wizard no longer exists.)" "Gitlab" "Thaodan^forge" "gitlab.com/api/v4")
  ghub--token("gitlab.com/api/v4" "Thaodan" forge nil gitlab)
  ghub--auth("gitlab.com/api/v4" forge "Thaodan" gitlab)
  #f(compiled-function () #<bytecode 0xf6950f34267783b>)()
  ghub--retrieve(nil #s(ghub--req :url #s(url :type "https" :user nil :password nil :host "gitlab.com" :portspec nil :filename "/api/v4/projects/CalcProgrammer1%2FOpenRGB" :target nil :attributes nil :fullness t :silent nil :use-cookies t :asynchronous t) :forge gitlab :silent nil :method "GET" :headers #f(compiled-function () #<bytecode 0xf6950f34267783b>) :handler ghub--handle-response :unpaginate nil :noerror nil :reader nil :buffer #<buffer magit: OpenRGB> :callback nil :errorback nil :value nil :extra nil))
  ghub-request("GET" "/projects/CalcProgrammer1%2FOpenRGB" nil :forge gitlab :query nil :payload nil :headers nil :silent nil :unpaginate nil :noerror nil :reader nil :username nil :auth forge :host "gitlab.com/api/v4" :callback nil :errorback nil :extra nil)
  glab-get("/projects/CalcProgrammer1%2FOpenRGB" nil :username nil :auth forge :host "gitlab.com/api/v4")
  glab-repository-id("CalcProgrammer1" "OpenRGB" :username nil :auth forge :host "gitlab.com/api/v4")
  ghub-repository-id("CalcProgrammer1" "OpenRGB" :host "gitlab.com/api/v4" :auth forge :forge gitlab :noerror nil)
  #f(compiled-function (class host owner name &optional stub noerror) "Return (OUR-ID . THEIR-ID) of the specified repository.\nIf optional STUB is non-nil, then the IDs are not guaranteed to\nbe unique.  Otherwise this method has to make an API request to\nretrieve THEIR-ID, the repository's ID on the forge.  In that\ncase OUR-ID derives from THEIR-ID and is unique across all\nforges and hosts." #<bytecode 0x182a9261fd84f3c3>)(forge-gitlab-repository "gitlab.com" "CalcProgrammer1" "OpenRGB" nil nil)
  apply(#f(compiled-function (class host owner name &optional stub noerror) "Return (OUR-ID . THEIR-ID) of the specified repository.\nIf optional STUB is non-nil, then the IDs are not guaranteed to\nbe unique.  Otherwise this method has to make an API request to\nretrieve THEIR-ID, the repository's ID on the forge.  In that\ncase OUR-ID derives from THEIR-ID and is unique across all\nforges and hosts." #<bytecode 0x182a9261fd84f3c3>) forge-gitlab-repository ("gitlab.com" "CalcProgrammer1" "OpenRGB" nil nil))
  forge--repository-ids(forge-gitlab-repository "gitlab.com" "CalcProgrammer1" "OpenRGB" nil nil)
  #f(compiled-function (&rest rest) "((HOST OWNER NAME) &optional REMOTE DEMAND)\n\nReturn the repository identified by HOST, OWNER and NAME.\nSee `forge-alist' for valid Git hosts." #<bytecode 0xb693faf21aa5d25>)(("gitlab.com" "CalcProgrammer1" "OpenRGB") nil :insert!)
  apply(#f(compiled-function (&rest rest) "((HOST OWNER NAME) &optional REMOTE DEMAND)\n\nReturn the repository identified by HOST, OWNER and NAME.\nSee `forge-alist' for valid Git hosts." #<bytecode 0xb693faf21aa5d25>) ("gitlab.com" "CalcProgrammer1" "OpenRGB") (nil :insert!))
  forge-get-repository(("gitlab.com" "CalcProgrammer1" "OpenRGB") nil :insert!)
  #f(compiled-function (repo &optional noerror demand) #<bytecode 0x1ff657b70ca11cd8>)(#<forge-gitlab-repository forge-gitlab-repository-103a787ede19> nil :insert!)
  apply(#f(compiled-function (repo &optional noerror demand) #<bytecode 0x1ff657b70ca11cd8>) #<forge-gitlab-repository forge-gitlab-repository-103a787ede19> (nil :insert!))
  forge-get-repository(#<forge-gitlab-repository forge-gitlab-repository-103a787ede19> nil :insert!)
  forge-add-repository(#<forge-gitlab-repository forge-gitlab-repository-103a787ede19>)
  #f(compiled-function (repo) (interactive #f(compiled-function () #<bytecode 0x7abd6776d812>)) #<bytecode 0x1e2aed1a03b8ded3>)(#<forge-gitlab-repository forge-gitlab-repository-103a787ede19>)
  apply(#f(compiled-function (repo) (interactive #f(compiled-function () #<bytecode 0x7abd6776d812>)) #<bytecode 0x1e2aed1a03b8ded3>) #<forge-gitlab-repository forge-gitlab-repository-103a787ede19>)
  (let ((debugger #'transient--exit-and-debug)) (apply fn args))
  (unwind-protect (let ((debugger #'transient--exit-and-debug)) (apply fn args)) (let* ((unwind (and t (eieio-oref prefix 'unwind-suffix)))) (if unwind (progn (transient--debug 'unwind-command) (funcall unwind suffix)) nil)) (advice-remove suffix advice) (eieio-oset prefix 'unwind-suffix nil))
  #f(lambda (fn &rest args) [(advice #0) (suffix transient:forge-add-repository::454) (prefix #<transient-prefix transient-prefix-103a7b52e9e7>)] (interactive #'(lambda (spec) (let ((abort t)) (unwind-protect (prog1 (let ((debugger #'transient--exit-and-debug)) (advice-eval-interactive-spec spec)) (setq abort nil)) (if abort (progn (let* ((unwind (and t (eieio-oref prefix 'unwind-suffix)))) (if unwind (progn (transient--debug 'unwind-interactive) (funcall unwind suffix)) nil)) (advice-remove suffix advice) (eieio-oset prefix 'unwind-suffix nil))))))) (unwind-protect (let ((debugger #'transient--exit-and-debug)) (apply fn args)) (let* ((unwind (and t (eieio-oref prefix 'unwind-suffix)))) (if unwind (progn (transient--debug 'unwind-command) (funcall unwind suffix)) nil)) (advice-remove suffix advice) (eieio-oset prefix 'unwind-suffix nil)))(#f(compiled-function (repo) (interactive #f(compiled-function () #<bytecode 0x7abd6776d812>)) #<bytecode 0x1e2aed1a03b8ded3>) #<forge-gitlab-repository forge-gitlab-repository-103a787ede19>)
  apply(#f(lambda (fn &rest args) [(advice #1) (suffix transient:forge-add-repository::454) (prefix #<transient-prefix transient-prefix-103a7b52e9e7>)] (interactive #'(lambda (spec) (let ((abort t)) (unwind-protect (prog1 ... ...) (if abort ...))))) (unwind-protect (let ((debugger #'transient--exit-and-debug)) (apply fn args)) (let* ((unwind (and t (eieio-oref prefix ...)))) (if unwind (progn (transient--debug 'unwind-command) (funcall unwind suffix)) nil)) (advice-remove suffix advice) (eieio-oset prefix 'unwind-suffix nil))) #f(compiled-function (repo) (interactive #f(compiled-function () #<bytecode 0x7abd6776d812>)) #<bytecode 0x1e2aed1a03b8ded3>) #<forge-gitlab-repository forge-gitlab-repository-103a787ede19>)
  transient:forge-add-repository::454(#<forge-gitlab-repository forge-gitlab-repository-103a787ede19>)
  funcall-interactively(transient:forge-add-repository::454 #<forge-gitlab-repository forge-gitlab-repository-103a787ede19>)
  command-execute(transient:forge-add-repository::454)

[tarsius]

I am considering

@@ -764,9 +764,14 @@ (defun ghub--basic-auth (host username)
 
 (defun ghub--token (host username package &optional nocreate forge)
   (let* ((user (ghub--ident username package))
+         (host* (and (string-match "/" host)
+                     (substring host 0 (match-beginning 0))))
          (token
           (or (car (ghub--auth-source-get (list :secret)
                      :host host :user user))
+              (and host*
+                   (car (ghub--auth-source-get (list :secret)
+                          :host host :user user)))
               (progn
                 ;; Auth-Source caches the information that there is no
                 ;; value, but in our case that is a situation that needs
@@ -775,6 +780,8 @@ (defun ghub--token (host username package &optional nocreate forge)
                 ;; The (:max 1) is needed and has to be placed at the
                 ;; end for Emacs releases before 26.1.  #24 #64 #72
                 (auth-source-forget (list :host host :user user :max 1))
+                (when host*
+                  (auth-source-forget (list :host host* :user user :max 1)))
                 (and (not nocreate)
                      (error "\
 Required %s token (\"%s\" for \"%s\") does not exist.

but to many suggestions are coming in right now and I won't be able to deal with this any time soon.

[Thaodan]

but to many suggestions are coming in right now and I won't be able to deal with this any time soon.

Take your time!

What I did to workaround/fix the issue was this:

diff --git a/lisp/ghub.el b/lisp/ghub.el
index 4451526..d98949d 100644
--- a/lisp/ghub.el
+++ b/lisp/ghub.el
@@ -775,7 +775,7 @@ and call `auth-source-forget+'."
   (let* ((user (ghub--ident username package))
          (token
           (or (car (ghub--auth-source-get (list :secret)
-                     :host host :user user))
+                     :host (url-host (url-generic-parse-url (concat "//" host))) :user user))
               (progn
                 ;; Auth-Source caches the information that there is no
                 ;; value, but in our case that is a situation that needs

I was going to post this earlier but forgot.