From: "brian m. carlson" <sandals@crustytoothpaste.net>
To: Christian Halstrick <christian.halstrick@gmail.com>
Cc: Git <git@vger.kernel.org>
Subject: Re: OAuth2 support in git?
Date: Thu, 14 Jun 2018 10:13:42 +0000 [thread overview]
Message-ID: <20180614101342.GO38834@genre.crustytoothpaste.net> (raw)
In-Reply-To: <CAENte7iUYcLX1ym1rdiYT2L8yLSWforf8kUvfHKLvhi_GhKQvg@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 1330 bytes --]
On Thu, Jun 14, 2018 at 10:09:39AM +0200, Christian Halstrick wrote:
> Can I use native git as client to contact a git server which does
> authentication with OAuth2 Client Credentials Grant [1]?
>
> Background: We are running gerrit based git servers [2] in a cloud
> environment. That environment supports OAuth2 authorization for the
> apps running in the cloud. The idea is that clients (e.g. jenkins
> jobs) talking git over http with such git servers should be able to
> use OAuth2 tokens to authenticate clone/fetch requests. We would have
> to adapt gerrit source code for token handling/validation but I am
> asking here about the client side.
>
> I know that other git server environments like github support that on
> client side by allowing tokens to be used as usernames in a BASIC
> authentication flow. We could do the same but I am asking whether
> there is also a way to transport tokens in a standard conform
> "Authorization: Bearer ..." Header field.
There isn't any support for Bearer authentication in Git. For HTTP, we
use libcurl, which doesn't provide this natively. While it could in
theory be added, it would require some reworking of the auth code.
You are, of course, welcome to send a patch.
--
brian m. carlson: Houston, Texas, US
OpenPGP: https://keybase.io/bk2204
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 867 bytes --]
next prev parent reply other threads:[~2018-06-14 10:13 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-06-14 8:09 OAuth2 support in git? Christian Halstrick
2018-06-14 10:13 ` brian m. carlson [this message]
2018-06-14 15:15 ` Jeff King
2018-06-14 20:46 ` Randall S. Becker
2018-06-14 21:01 ` Jeff King
2018-06-14 22:20 ` brian m. carlson
2018-06-17 11:37 ` Johannes Schindelin
2018-06-18 4:17 ` Jeff King
2018-06-18 15:53 ` Junio C Hamano
2018-06-18 21:26 ` Jeff King
2018-06-19 12:36 ` Christian Halstrick
2018-06-19 16:45 ` Jeff King
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180614101342.GO38834@genre.crustytoothpaste.net \
--to=sandals@crustytoothpaste.net \
--cc=christian.halstrick@gmail.com \
--cc=git@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).