What happens when using storage helper osxkeychain?

[hydrajump]

This happens because git-credential-osxkeychain doesn't store attributes password_expiry_utc and oauth_refresh_token . These are necessary for OAuth token refresh.

Originally posted by @hickford in #42 (comment)

Does this mean that the OAuth token never expires when using the default configuration below?

[credential]
	helper = osxkeychain
	helper = oauth

[hickford]

periodically I have to run the git command twice

You'll find that authentication fails once every two hours, because Git tries to use an expired token. Git immediately erases the invalid credential, so repeating the command will generate a fresh OAuth token and succeed.

This problem only occurs with GitLab, BitBucket and Gitea. It doesn't occur with GitHub because GitHub's OAuth tokens never expire.

[hydrajump]

To make sure I understand what you're saying:

You'll find that authentication fails once every two hours,

This is only applicable when the cache helper is used and a timeout of 7200 is set, correct?

Config:

[credential]
	helper = cache --timeout 7200
	helper = oauth

This problem doesn't occur with GitHub because GitHub's OAuth tokens never expire.

Right when the osxkeychain is used to store the oauth token it never expires. This was what I wanted to confirm when I created this issue :)

Config:

[credential]
	helper = osxkeychain
	helper = oauth

AFAICT it doesn't make sense to combine the cache and osxkeychain helpers as shown below. Do you agree?

Config:

[credential]
	helper = cache --timeout 7200
	helper = osxkeychain
	helper = oauth

[hickford]

A fix to credential-osxkeychain is in review gitgitgadget/git#1667 https://lore.kernel.org/git/pull.1667.git.1708212896.gitgitgadget@gmail.com/

[hickford]

Fixed in Git 2.45 https://github.com/git/git/commits/v2.45.0/contrib/credential/osxkeychain