Comments (15)
Just ran into the same thing and would like 2FA support as well.
from git-repo.
ok, it's merged in devel. I'll roll it out with the next release.
from git-repo.
well, the idea is that when you enter login/password with github, it's actually creating a personal token for git-repo, it's NOT keeping your credentials.
I agree it's a bit too cryptic and needs more explanation, though. But if you don't want to share your credentials, just can edit ~/.gitconfig
manually!
from git-repo.
About github 2FA per se, it's definitely a good idea, but it's definitely low priority for me, way after implementing proper OAuth for bitbucket.
from git-repo.
how would you see the 2FA happening? Just for the first time authentication? Or each time you're using the CLI tool?
from git-repo.
I'd be happy to see a proper usage use case for accepting the 2FA as a feature.
from git-repo.
With what you've described above, here's an ideal situation:
- User runs
git repo config
for the first time and elects to use GitHub. - Wizard prompts user for username and password.
- Two options:
a. User with 2FA enabled sends username and password. Wizard receives X-GitHub-OTP: required; :2fa-type
header (see here). User is prompted for OTP password, which is sent, in the X-GitHub-OTP
header, along with another request containing the username and password. GitHub approves, and the wizard continues as normal.
b. User without 2FA enabled sends username and password. GitHub approves, and the wizard continues as normal.
This way, anyone with 2FA enabled (i.e. those who have any sense of security) can take advantage of the wizard and git-repo
as a whole.
from git-repo.
oooh alright… we'll have to check with @sigmavirus24 how the sigmavirus24/github3.py library would handle 2FA, and I might make a patch for that.
from git-repo.
looks like it's in the lib sigmavirus24/github3.py#167 so it's definitely possible to add support in the client.
from git-repo.
I've just pushed a new branch that supports 2FA auth:
https://github.com/guyzmo/git-repo/tree/features/2FA_github
the only issue is that it crashes with a 422 Validation Failed when trying to create a token for the tool.
Please test and hack based on that commit 0c29743
from git-repo.
Downloaded and installed from that branch, got the following error: Fatal error: 'GitHub' object has no attribute 'token'
from git-repo.
oh, I'm sorry, I forgot a bit of code when I made the commit ☺
Though it's still failing with the 422 error.
I guess that we need to patch the github3.py code so that it supports the
two_factor_auth_callback setting as shown in the login()
method.
The main difference in auth methods being that authorize()
uses self.session.temporary_basic_auth()
, whilst login()
uses self.session.basic_auth()
. Looking more closely at the code, the former is actually a wrapper around the second, implemented as a context manager.
As you can see, on the git-repo
side, the code implementing auth is pretty minimalistic…
from git-repo.
self.session.basic_auth()
does nothing with the 2FA callback work. You'll need to tell us you're going to use the 2FA callback (at the moment just doing gh.login(two_factor_callback=...)
and then using authorize. It will still catch it for you
from git-repo.
hi @sigmavirus24 🖖, very nice of you to join the discussion!
well, that's what I've actually implemented there, and for some reason it's failing with a 422.
So let's dig into that…
from git-repo.
…ok I went too fast when I first tried.
The issue is that when there's already a key with the same name on github, it's failing with a 422 Unprocessable Entity
, making some confusion.
So basically, the 2FA code is working! I'm not sure how I can make a meaningful regression test for that, though… ☹
from git-repo.
Related Issues (20)
- Fatal error: 'GitRepoRunner' object has no attribute 'target' HOT 2
- Setup for BitBucket? HOT 5
- Bug: configure gitlab produces Fatal error HOT 5
- Getting error when installing from git repo HOT 3
- Naming HOT 1
- Bitbutcket request ls shows more than just open PRs HOT 5
- setup.py not compatible with pip 10+
- Can't create repo on gitlab HOT 1
- Fatal error: list index out of range for Python 3.6 HOT 3
- Switch bitbucket API lib to new official one
- Fix simple typo: pagckage -> package
- fatal: manifest 'default.xml' not availabl HOT 1
- Add full gitea support HOT 1
- github: Support for python 3.10 (dependency update required)
- Build Failure
- with the help of Java application Build
- TestNG
- how to run Yolo V8 model with DLL's
- Customized Yolo NAS model
- how to generate alerts(audio) while detecting the objects..
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from git-repo.