Re: OAuth2 support in git?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



What is not clear to me is how we can make use of the servers initial
response in
order control which credential helper to call and how to transport the
credentials.

Imagine we try to clone over http. The initial request sent to the server
may not contain a "Authorization: ..." header and the server responds
with Unauthorized.
But the server response contains hints like a "WWW-Authenticate: Basic
realm=..." line
or a "WWW-Authenticate: Bearer realm=..." line which helps choosing the
authentication scheme used next. Maybe the server even responds with both lines
telling I would accept BASIC or BEARER.

I can imagine that we want libcurl to deal with that decisions. But
even then. How
do we make sure the our credential helpers can act return either user/password
or bearer tokens based on the server response? If credential helper
would have access
to the servers response (or only relevant parts of it?) it could
decide whether to
feel responsible for that server or not and what data to return.

And if credential helper could optionally give metadata about the kind
credential they offer
(e.g. "I return user/password" or "I return a bearer token") then core
code could know
where to transport this data. E.g. in a "Authorization: Basic ..." or
a "Authorization: Bearer ..."
field.

Ciao
  Chris



[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]

  Powered by Linux