From a87c78665d97b9c0f2d07a8a487cb168f4935054 Mon Sep 17 00:00:00 2001
From: Brian Kennedy <briankennedy@google.com>
Date: Tue, 15 Jun 2021 11:22:44 -0700
Subject: [PATCH] Improve error message for askpass.

When endpoint returns non-200 status, include the body in the error
message since it can contain useful information for debugging.  Also
defer closing the response body ReadCloser as this may have leaked in
the past.
---
 cmd/git-sync/main.go | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/cmd/git-sync/main.go b/cmd/git-sync/main.go
index d75076eb1..68575f5cf 100644
--- a/cmd/git-sync/main.go
+++ b/cmd/git-sync/main.go
@@ -1365,11 +1365,17 @@ func (git *repoSync) CallAskPassURL(ctx context.Context) error {
 	if err != nil {
 		return fmt.Errorf("can't access auth URL: %w", err)
 	}
+	defer func() {
+		_ = resp.Body.Close()
+	}()
 	if resp.StatusCode != 200 {
-		return fmt.Errorf("auth URL returned status %d", resp.StatusCode)
+		errMessage, err := ioutil.ReadAll(resp.Body)
+		if err != nil {
+			return fmt.Errorf("auth URL returned status %d, failed to read body: %w", resp.StatusCode, err)
+		}
+		return fmt.Errorf("auth URL returned status %d, body: %q", resp.StatusCode, string(errMessage))
 	}
 	authData, err := ioutil.ReadAll(resp.Body)
-	resp.Body.Close()
 	if err != nil {
 		return fmt.Errorf("can't read auth response: %w", err)
 	}