org-sync icon indicating copy to clipboard operation
org-sync copied to clipboard
verified publisher icon arbox

Use personal tokens for Github/Gitlab access

Open backerman opened this issue 8 years ago • 5 comments

It would be nice if org-sync used personal tokens for Github and Gitlab access e.g. by using the magit/ghub library. In addition to following least-privilege, this change woudl take the secret out of the user's .emacs (because ghub stores the token in ~/.authinfo).

backerman avatar Mar 24 '18 01:03 backerman

The gitlab backend is already using a token for authentication (it's not possible to auth with user+pass). I suppose the same could be implemented for the github backend.

I don't understand what you mean by magit/ghub. Are you suggesting that the org-sync backend for github shouldn't handle authentication at all but rather rely on another library? I'm not familiar with the ghub library but at least magit is not a great fit since that works with git while org-sync is all about issues, which are via a HTTP JSON REST API and not via git.

plajjan avatar Apr 03 '18 08:04 plajjan

@plajjan think this is what @backerman is talking about.

https://emacsair.me/2018/03/20/ghub-2.0/

divansantana avatar Apr 03 '18 19:04 divansantana

@divansantana right, ok, makes sense.

plajjan avatar Apr 04 '18 12:04 plajjan

Is this resolved? I'm trying to use this with 2FA.

safijari avatar Jul 18 '18 21:07 safijari

I was pleased to find that on Github you can use personal access tokens instead of password. So that worked even with 2FA. I created a PR to suggest that in readme https://github.com/arbox/org-sync/pull/54

karlicoss avatar Dec 26 '19 13:12 karlicoss