hub icon indicating copy to clipboard operation
hub copied to clipboard

Published 20 hours ago verified publisher icon mislav

Support web-based OAuth flow for Enterprise authentication

Open misilot opened this issue 12 years ago • 6 comments
trafficstars

Hi,

I am trying to use with GitHub Enterprise, however it keeps asking for a username and password. We are using the CAS backend.

Thanks!

misilot avatar Aug 26 '13 12:08 misilot

I don't know what a CAS backend is. GitHub has two different types of authentication:

  1. the git authentication to get access to repos (usually by SSH keys);
  2. the website/API authentication (first by username/password, then via OAuth).

hub uses GitHub API, so it needs to exchange your username/password for OAuth keys. This has nothing to do with git protocol over SSH, and SSH keys can't help here.

I suspect that whatever CAS is, it means you don't have a regular GH Enterprise username/password that you can pass on the command-line. Not sure how to work around this

mislav avatar Aug 26 '13 13:08 mislav

Correct, we authenticating against an external authentication scheme. So we do not have regular GH Enterprise username/password that can be passed on the command-line.

On Mon, Aug 26, 2013 at 9:23 AM, Mislav Marohnić [email protected]:

I don't know what a CAS backend is. GitHub has two different types of authentication:

  1. the git authentication to get access to repos (usually by SSH keys);
  2. the website/API authentication (first by username/password, then via OAuth).

hub uses GitHub API, so it needs to exchange your username/password for OAuth keys. This has nothing to do with git protocol over SSH, and SSH keys can't help here.

I suspect that whatever CAS is, it means you don't have a regular GH Enterprise username/password that you can pass on the command-line. Not sure how to work around this

— Reply to this email directly or view it on GitHubhttps://github.com/github/hub/issues/384#issuecomment-23261888 .

misilot avatar Aug 26 '13 13:08 misilot

Here's a person who had the same issue and solved it manually https://github.com/github/hub/issues/293#issuecomment-13980152

I understand that this is hackish and confusing. I'll look into how to support the web-based OAuth flow in case there's no username/password. However, in the meantime you're on your own

mislav avatar Aug 26 '13 13:08 mislav

Thanks

On Mon, Aug 26, 2013 at 9:29 AM, Mislav Marohnić [email protected]:

Here's a person who had the same issue and solved it manually #293https://github.com/github/hub/issues/293#issuecomment-13980152

I understand that this is hackish and confusing. I'll look into how to support the web-based OAuth flow in case there's no username/password. However, in the meantime you're on your own

— Reply to this email directly or view it on GitHubhttps://github.com/github/hub/issues/384#issuecomment-23262274 .

misilot avatar Aug 26 '13 13:08 misilot

Even if user/pass hypothetically did work for some user I haven't yet encountered, they could get an access token just as easily as anyone else, so I wonder why the command-line tool couldn't just prompt for the access token instead of user/pass, and let the people who haven't made one yet make one specifically for the tool.

hakanai avatar Oct 12 '17 05:10 hakanai

Any update on this open issue?

mpeddycord avatar Apr 26 '22 14:04 mpeddycord