Implement Authentication tokens for the git client

[grovesy]

The developers git client uses the target GIT servers authentication/authorization mechanism - and this is pass-through/transparent to the proxy.

• We need to tie the developer making a 'push' or 'pull' with a GitProxy user (which ties to the corporate account)
• We cannot interfere with the authentication with the target git-server (i.e. GitHub)
• We do not want to hold Git credentials for the user

Therefore a Proxy user will be issued a token -

Getting a Token before working with the proxy through a git client

1. The developer logs into the GitProxy UI, navigates to their account page
2. The user enacts 'get token' - this reveals a token to the user. e.g. abc12345
3. Through the users git-client the user will run (replace finos/git-proxy.git with the repo they want to work with)

git remote add origin https://[email protected]/finos/git-proxy.git

When Clone, Pull, Push requests are made through the proxy, the proxy will take the token and tie that to the git-proxy user. The proxy will then check that the token is valid and the user is allowed to work with the repository.

[grovesy]

I am thinking of not doing this in the short term - instead for the MVP tie the git-proxy user with the git-user