spotlesscoder
diff --git a/‎src/main/java/org/kohsuke/github/CredentialProvider.java
Copy file name to clipboardExpand all lines: src/main/java/org/kohsuke/github/CredentialProvider.java
+8Lines changed: 8 additions & 0 deletions b/‎src/main/java/org/kohsuke/github/CredentialProvider.java
Copy file name to clipboardExpand all lines: src/main/java/org/kohsuke/github/CredentialProvider.java
+8Lines changed: 8 additions & 0 deletions
diff --git a/‎src/main/java/org/kohsuke/github/GitHub.java
Copy file name to clipboardExpand all lines: src/main/java/org/kohsuke/github/GitHub.java
+38-16Lines changed: 38 additions & 16 deletions b/‎src/main/java/org/kohsuke/github/GitHub.java
Copy file name to clipboardExpand all lines: src/main/java/org/kohsuke/github/GitHub.java
+38-16Lines changed: 38 additions & 16 deletions
diff --git a/‎src/main/java/org/kohsuke/github/GitHubBuilder.java
Copy file name to clipboardExpand all lines: src/main/java/org/kohsuke/github/GitHubBuilder.java
+8-21Lines changed: 8 additions & 21 deletions b/‎src/main/java/org/kohsuke/github/GitHubBuilder.java
Copy file name to clipboardExpand all lines: src/main/java/org/kohsuke/github/GitHubBuilder.java
+8-21Lines changed: 8 additions & 21 deletions
diff --git a/‎src/main/java/org/kohsuke/github/GitHubClient.java
Copy file name to clipboardExpand all lines: src/main/java/org/kohsuke/github/GitHubClient.java
+20-33Lines changed: 20 additions & 33 deletions b/‎src/main/java/org/kohsuke/github/GitHubClient.java
Copy file name to clipboardExpand all lines: src/main/java/org/kohsuke/github/GitHubClient.java
+20-33Lines changed: 20 additions & 33 deletions
diff --git a/‎src/main/java/org/kohsuke/github/GitHubHttpUrlConnectionClient.java
Copy file name to clipboardExpand all lines: src/main/java/org/kohsuke/github/GitHubHttpUrlConnectionClient.java
+5-10Lines changed: 5 additions & 10 deletions b/‎src/main/java/org/kohsuke/github/GitHubHttpUrlConnectionClient.java
Copy file name to clipboardExpand all lines: src/main/java/org/kohsuke/github/GitHubHttpUrlConnectionClient.java
+5-10Lines changed: 5 additions & 10 deletions
@@ -31,6 +31,14 @@ public interface CredentialProvider {
      */
     String getEncodedAuthorization() throws IOException;
 
+    /**
+     * Binds this credential provider to a github instance.
+     *
+     * @param github
+     */
+    default void bind(GitHub github) {
+    }
+
     /**
      * A {@link CredentialProvider} that ensures that no credentials are returned
      */
 
@@ -93,32 +93,25 @@ public class GitHub {
      *            "http://ghe.acme.com/api/v3". Note that GitHub Enterprise has <code>/api/v3</code> in the URL. For
      *            historical reasons, this parameter still accepts the bare domain name, but that's considered
      *            deprecated. Password is also considered deprecated as it is no longer required for api usage.
-     * @param login
-     *            The user ID on GitHub that you are logging in as. Can be omitted if the OAuth token is provided or if
-     *            logging in anonymously. Specifying this would save one API call.
-     * @param oauthAccessToken
-     *            Secret OAuth token.
-     * @param password
-     *            User's password. Always used in conjunction with the {@code login} parameter
      * @param connector
+     *            a connector
+     * @param rateLimitHandler
+     *            rateLimitHandler
+     * @param abuseLimitHandler
+     *            abuseLimitHandler
+     * @param rateLimitChecker
+     *            rateLimitChecker
      * @param credentialProvider
-     *            a credential provider, takes preference over all other auth-related parameters if it's not null
+     *            a credential provider
      */
     GitHub(String apiUrl,
-            String login,
-            String oauthAccessToken,
-            String jwtToken,
-            String password,
             HttpConnector connector,
             RateLimitHandler rateLimitHandler,
             AbuseLimitHandler abuseLimitHandler,
             GitHubRateLimitChecker rateLimitChecker,
             CredentialProvider credentialProvider) throws IOException {
+        credentialProvider.bind(this);
         this.client = new GitHubHttpUrlConnectionClient(apiUrl,
-                login,
-                oauthAccessToken,
-                jwtToken,
-                password,
                 connector,
                 rateLimitHandler,
                 abuseLimitHandler,
@@ -129,6 +122,35 @@ public class GitHub {
         orgs = new ConcurrentHashMap<>();
     }
 
+    private GitHub(GitHubClient client) {
+        this.client = client;
+        users = new ConcurrentHashMap<>();
+        orgs = new ConcurrentHashMap<>();
+    }
+
+    static class CredentialRefreshGitHubWrapper extends GitHub {
+
+        CredentialProvider credentialProvider;
+
+        CredentialRefreshGitHubWrapper(GitHub github, CredentialProvider credentialProvider) {
+            super(github.client);
+            this.credentialProvider = credentialProvider;
+            this.credentialProvider.bind(this);
+        }
+
+        @Nonnull
+        @Override
+        Requester createRequest() {
+            try {
+                // Override
+                return super.createRequest().setHeader("Authorization", credentialProvider.getEncodedAuthorization())
+                        .rateLimit(RateLimitTarget.NONE);
+            } catch (IOException e) {
+                throw new GHException("Failed to create requester to refresh credentials", e);
+            }
+        }
+    }
+
     /**
      * Obtains the credential from "~/.github" or from the System Environment Properties.
      *
 
@@ -24,17 +24,13 @@ public class GitHubBuilder implements Cloneable {
 
     // default scoped so unit tests can read them.
     /* private */ String endpoint = GitHubClient.GITHUB_URL;
-    /* private */ String user;
-    /* private */ String password;
-    /* private */ String oauthToken;
-    /* private */ String jwtToken;
 
     private HttpConnector connector;
 
     private RateLimitHandler rateLimitHandler = RateLimitHandler.WAIT;
     private AbuseLimitHandler abuseLimitHandler = AbuseLimitHandler.WAIT;
     private GitHubRateLimitChecker rateLimitChecker = new GitHubRateLimitChecker();
-    private CredentialProvider credentialProvider = null;
+    private CredentialProvider credentialProvider = CredentialProvider.ANONYMOUS;
 
     /**
      * Instantiates a new Git hub builder.
@@ -62,13 +58,13 @@ static GitHubBuilder fromCredentials() throws IOException {
 
         builder = fromEnvironment();
 
-        if (builder.oauthToken != null || builder.user != null || builder.jwtToken != null)
+        if (builder.credentialProvider != null)
             return builder;
 
         try {
             builder = fromPropertyFile();
 
-            if (builder.oauthToken != null || builder.user != null || builder.jwtToken != null)
+            if (builder.credentialProvider != null)
                 return builder;
         } catch (FileNotFoundException e) {
             // fall through
@@ -248,9 +244,7 @@ public GitHubBuilder withEndpoint(String endpoint) {
      * @return the git hub builder
      */
     public GitHubBuilder withPassword(String user, String password) {
-        this.user = user;
-        this.password = password;
-        return this;
+        return withCredentialProvider(ImmutableCredentialProvider.fromLoginAndPassword(user, password));
     }
 
     /**
@@ -261,7 +255,7 @@ public GitHubBuilder withPassword(String user, String password) {
      * @return the git hub builder
      */
     public GitHubBuilder withOAuthToken(String oauthToken) {
-        return withOAuthToken(oauthToken, null);
+        return withCredentialProvider(ImmutableCredentialProvider.fromOauthToken(oauthToken));
     }
 
     /**
@@ -274,9 +268,7 @@ public GitHubBuilder withOAuthToken(String oauthToken) {
      * @return the git hub builder
      */
     public GitHubBuilder withOAuthToken(String oauthToken, String user) {
-        this.oauthToken = oauthToken;
-        this.user = user;
-        return this;
+        return withCredentialProvider(ImmutableCredentialProvider.fromOauthToken(oauthToken, user));
     }
 
     public GitHubBuilder withCredentialProvider(final CredentialProvider credentialProvider) {
@@ -293,7 +285,7 @@ public GitHubBuilder withCredentialProvider(final CredentialProvider credentialP
      * @see GHAppInstallation#createToken(java.util.Map) GHAppInstallation#createToken(java.util.Map)
      */
     public GitHubBuilder withAppInstallationToken(String appInstallationToken) {
-        return withOAuthToken(appInstallationToken, "");
+        return withCredentialProvider(ImmutableCredentialProvider.fromAppInstallationToken(appInstallationToken));
     }
 
     /**
@@ -304,8 +296,7 @@ public GitHubBuilder withAppInstallationToken(String appInstallationToken) {
      * @return the git hub builder
      */
     public GitHubBuilder withJwtToken(String jwtToken) {
-        this.jwtToken = jwtToken;
-        return this;
+        return withCredentialProvider(ImmutableCredentialProvider.fromJwtToken(jwtToken));
     }
 
     /**
@@ -427,10 +418,6 @@ public GitHubBuilder withProxy(final Proxy p) {
      */
     public GitHub build() throws IOException {
         return new GitHub(endpoint,
-                user,
-                oauthToken,
-                jwtToken,
-                password,
                 connector,
                 rateLimitHandler,
                 abuseLimitHandler,
 
@@ -3,7 +3,6 @@
 import com.fasterxml.jackson.databind.*;
 import com.fasterxml.jackson.databind.introspect.VisibilityChecker;
 import org.apache.commons.io.IOUtils;
-import org.jetbrains.annotations.Nullable;
 
 import java.io.FileNotFoundException;
 import java.io.IOException;
@@ -72,10 +71,6 @@ abstract class GitHubClient {
     }
 
     GitHubClient(String apiUrl,
-            String login,
-            String oauthAccessToken,
-            String jwtToken,
-            String password,
             HttpConnector connector,
             RateLimitHandler rateLimitHandler,
             AbuseLimitHandler abuseLimitHandler,
@@ -94,42 +89,35 @@ abstract class GitHubClient {
         this.connector = connector;
 
         // Prefer credential configuration via provider
-        if (credentialProvider != null) {
-            this.credentialProvider = credentialProvider;
-        } else {
-            if (oauthAccessToken != null) {
-                this.credentialProvider = ImmutableCredentialProvider.fromOauthToken(oauthAccessToken);
-            } else {
-                if (jwtToken != null) {
-                    this.credentialProvider = ImmutableCredentialProvider.fromJwtToken(jwtToken);
-                } else if (password != null) {
-                    this.credentialProvider = ImmutableCredentialProvider.fromLoginAndPassword(login, password);
-                } else {// anonymous access
-                    this.credentialProvider = CredentialProvider.ANONYMOUS;
-                }
-            }
-        }
+        this.credentialProvider = credentialProvider;
 
         this.rateLimitHandler = rateLimitHandler;
         this.abuseLimitHandler = abuseLimitHandler;
         this.rateLimitChecker = rateLimitChecker;
 
-        this.login = getCurrentUser(login, jwtToken, myselfConsumer);
+        this.login = getCurrentUser(myselfConsumer);
     }
 
-    @Nullable
-    private String getCurrentUser(String login, String jwtToken, Consumer<GHMyself> myselfConsumer) throws IOException {
-        if (login == null && this.credentialProvider.getEncodedAuthorization() != null && jwtToken == null) {
-            try {
-                GHMyself myself = fetch(GHMyself.class, "/user");
-                if (myselfConsumer != null) {
-                    myselfConsumer.accept(myself);
+    private String getCurrentUser(Consumer<GHMyself> myselfConsumer) throws IOException {
+        String login = null;
+        if (this.credentialProvider instanceof ImmutableCredentialProvider.UserCredentialProvider
+                && this.credentialProvider.getEncodedAuthorization() != null) {
+
+            ImmutableCredentialProvider.UserCredentialProvider userCredentialProvider = (ImmutableCredentialProvider.UserCredentialProvider) this.credentialProvider;
+
+            login = userCredentialProvider.getLogin();
+
+            if (login == null) {
+                try {
+                    GHMyself myself = fetch(GHMyself.class, "/user");
+                    if (myselfConsumer != null) {
+                        myselfConsumer.accept(myself);
+                    }
+                    login = myself.getLogin();
+                } catch (IOException e) {
+                    return null;
                 }
-                return myself.getLogin();
-            } catch (IOException e) {
-                return null;
             }
-
         }
         return login;
     }
@@ -394,7 +382,6 @@ public <T> GitHubResponse<T> sendRequest(GitHubRequest request, @CheckForNull Gi
                                 "GitHub API request [" + (login == null ? "anonymous" : login) + "]: "
                                         + request.method() + " " + request.url().toString());
                     }
-
                     rateLimitChecker.checkRateLimit(this, request);
 
                     responseInfo = getResponseInfo(request);
 
@@ -33,21 +33,13 @@
 class GitHubHttpUrlConnectionClient extends GitHubClient {
 
     GitHubHttpUrlConnectionClient(String apiUrl,
-            String login,
-            String oauthAccessToken,
-            String jwtToken,
-            String password,
             HttpConnector connector,
             RateLimitHandler rateLimitHandler,
             AbuseLimitHandler abuseLimitHandler,
             GitHubRateLimitChecker rateLimitChecker,
             Consumer<GHMyself> myselfConsumer,
             CredentialProvider credentialProvider) throws IOException {
         super(apiUrl,
-                login,
-                oauthAccessToken,
-                jwtToken,
-                password,
                 connector,
                 rateLimitHandler,
                 abuseLimitHandler,
@@ -116,8 +108,11 @@ static HttpURLConnection setupConnection(@Nonnull GitHubClient client, @Nonnull
 
             // if the authentication is needed but no credential is given, try it anyway (so that some calls
             // that do work with anonymous access in the reduced form should still work.)
-            if (client.credentialProvider.getEncodedAuthorization() != null) {
-                connection.setRequestProperty("Authorization", client.credentialProvider.getEncodedAuthorization());
+            if (!request.headers().containsKey("Authorization")) {
+                String authorization = client.credentialProvider.getEncodedAuthorization();
+                if (authorization != null) {
+                    connection.setRequestProperty("Authorization", client.credentialProvider.getEncodedAuthorization());
+                }
             }
 
             setRequestMethod(request.method(), connection);