Details
-
Bug
-
Resolution: Fixed
-
Medium
-
6.0.0, 6.7.1
-
1
-
Severity 3 - Minor
-
Description
Issue Summary
Pushing LFS tracked files over SSH (LFS will still use HTTPs) fails.
Git LFS 2.7.2
Git 2.20.1 client
Though the versions don't seem to be relevant.
Steps to Reproduce
- Create a username with numbers (12test12)
- Create a personal repository
- Clone over SSH
- Add a file and track it with "git lfs track <filename>
- Attempt to push
Expected Results
The push occurs without issue
Actual Results
The push fails with:
WARNING: Authentication error: Authentication required: Authorization error: https://<BITBUCKET URL>/scm/~12test12/pushtest.git/info/lfs/locks/verify Check that you have proper access to the repository batch response: Authentication required: Authorization error: https:/<BITBUCKET URL>/scm/~12test12/pushtest.git/info/lfs/objects/batch Check that you have proper access to the repository Uploading LFS objects: 0% (0/1), 0 B | 0 B/s, done error: failed to push some refs to 'ssh://git@<SSH BACKEND URL>:7999/~12test12/pushtest.git'
The below exception is thrown in the atlassian-bitbucket.log file:
2019-11-25 10:44:13,924 WARN [http-nio-7990-exec-9] @LOGPX1x644x162143x1 98.156.239.57,192.168.2.155 "POST /scm/~12test12/pushtest.git/info/lfs/objects/batch HTTP/1.0" c.a.j.i.s.DefaultAuthenticationResultHandler Failure during JWT authentication com.atlassian.jwt.exception.JwtInvalidClaimException: Invalid Git LFS path: /scm/~12test12/pushtest.git/info/lfs/objects/batch at com.atlassian.bitbucket.internal.scm.git.lfs.jwt.GitLfsApiClaimVerifiersBuilder$GitLfsActionClaimVerifier.verify(GitLfsApiClaimVerifiersBuilder.java:71) at com.atlassian.jwt.core.reader.NimbusJwtReader.read(NimbusJwtReader.java:151) at com.atlassian.jwt.core.reader.NimbusJwtReader.readAndVerify(NimbusJwtReader.java:57) at com.atlassian.jwt.internal.DefaultJwtService.verifyJwt(DefaultJwtService.java:49) at com.atlassian.jwt.internal.sal.JwtAuthenticatorImpl.verifyJwt(JwtAuthenticatorImpl.java:62) at com.atlassian.jwt.core.http.auth.AbstractJwtAuthenticator.verifyJwt(AbstractJwtAuthenticator.java:118) at com.atlassian.jwt.core.http.auth.AbstractJwtAuthenticator.authenticate(AbstractJwtAuthenticator.java:71) at com.atlassian.jwt.internal.sal.JwtAuthenticatorImpl.authenticate(JwtAuthenticatorImpl.java:30) at com.atlassian.jwt.internal.servlet.JwtAuthFilter.mayProceed(JwtAuthFilter.java:79) at com.atlassian.jwt.internal.servlet.JwtAuthFilter.doFilter(JwtAuthFilter.java:35) at com.atlassian.stash.internal.spring.lifecycle.LifecycleJohnsonServletFilterModuleContainerFilter.doFilter(LifecycleJohnsonServletFilterModuleContainerFilter.java:42) at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doBeforeBeforeLoginFilters(BeforeLoginPluginAuthenticationFilter.java:90) at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doFilter(BeforeLoginPluginAuthenticationFilter.java:73) at com.atlassian.stash.internal.request.DefaultRequestManager.doAsRequest(DefaultRequestManager.java:87) at com.atlassian.stash.internal.hazelcast.ConfigurableWebFilter.doFilter(ConfigurableWebFilter.java:38) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.lang.Thread.run(Thread.java:748) ... 72 frames trimmed
Workaround
- Create a copy repository in a non-personal project that only your user has access to.
- User HTTPS instead of SSH
Attachments
Issue Links
- mentioned in
-
Page Loading...