On Thu, Jun 14, 2018 at 10:09:39AM +0200, Christian Halstrick wrote: > Can I use native git as client to contact a git server which does > authentication with OAuth2 Client Credentials Grant [1]? > > Background: We are running gerrit based git servers [2] in a cloud > environment. That environment supports OAuth2 authorization for the > apps running in the cloud. The idea is that clients (e.g. jenkins > jobs) talking git over http with such git servers should be able to > use OAuth2 tokens to authenticate clone/fetch requests. We would have > to adapt gerrit source code for token handling/validation but I am > asking here about the client side. > > I know that other git server environments like github support that on > client side by allowing tokens to be used as usernames in a BASIC > authentication flow. We could do the same but I am asking whether > there is also a way to transport tokens in a standard conform > "Authorization: Bearer ..." Header field. There isn't any support for Bearer authentication in Git. For HTTP, we use libcurl, which doesn't provide this natively. While it could in theory be added, it would require some reworking of the auth code. You are, of course, welcome to send a patch. -- brian m. carlson: Houston, Texas, US OpenPGP: https://keybase.io/bk2204
Attachment:
signature.asc
Description: PGP signature