Skip to content

Implement Authentication tokens for the git client #38

New issue
New issue
Open
Open
Implement Authentication tokens for the git client#38
Labels
enhancementNew feature or requestprotocolEverything related with the developer (git) experience
Milestone
Advanced authentication/authorization
@grovesy

Description

@grovesy
grovesy
opened on Nov 23, 2020

The developers git client uses the target GIT servers authentication/authorization mechanism - and this is pass-through/transparent to the proxy.

  • We need to tie the developer making a 'push' or 'pull' with a GitProxy user (which ties to the corporate account)
  • We cannot interfere with the authentication with the target git-server (i.e. GitHub)
  • We do not want to hold Git credentials for the user

Therefore a Proxy user will be issued a token -

Getting a Token before working with the proxy through a git client

  1. The developer logs into the GitProxy UI, navigates to their account page
  2. The user enacts 'get token' - this reveals a token to the user. e.g. abc12345
  3. Through the users git-client the user will run (replace finos/git-proxy.git with the repo they want to work with)
git remote add origin https://[email protected]/finos/git-proxy.git

When Clone, Pull, Push requests are made through the proxy, the proxy will take the token and tie that to the git-proxy user. The proxy will then check that the token is valid and the user is allowed to work with the repository.

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or requestprotocolEverything related with the developer (git) experience

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions