You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
GitLab repositories support Authorization: Bearer xxx headers as a method for authentication via auth.json. If a repository domain is listed under gitlab-domains in the config and auth.json contains an http-basic entry for that domain with the username oauth2, the password will be sent as the token.
GitLab isn't the only platform in the world using API tokens to authenticate. Right now you can add any functioning Composer repository with token-based authentication, GitLab-backed or not, to the gitlab-domains config and then configure a token as described and you'll authenticate just fine. Seems it would make sense to generalize this somehow. Perhaps dedicated token auth support in auth.json that isn't tied to the gitlab-domains config?
And this works, but seems you could add proper support for Bearer token authentication rather than tie it just to GitLab. So no config required, and an auth.json like:
But for whatever reason I couldn't get that method to work at all. Ultimately I'd rather not be committing API tokens anyway.
Output of composer diagnose:
Checking composer.json: WARNING
require.roots/wordpress : unbound version constraints (>=5.2.2) should be avoided
... // several more of unbound version warnings
Checking platform settings: OK
Checking git settings: OK
Checking http connectivity to packagist: OK
Checking https connectivity to packagist: OK
Checking github.com oauth access: OK
Checking disk free space: OK
Checking pubkeys:
Tags Public Key Fingerprint: 57815BA2 7E54DC31 7ECC7CC5 573090D0 87719BA6 8F3BB723 4E5D42D0 84A14642
Dev Public Key Fingerprint: 4AC45767 E5EC2265 2F0C1167 CBBB8A2B 0C708369 153E328C AD90147D AFE50952
OK
Checking composer version: OK
Composer version: 1.9.3
PHP version: 7.3.10
PHP binary path: C:\Users\ethan\bin\php-7.3.10\php.exe
The text was updated successfully, but these errors were encountered:
GitLab repositories support
Authorization: Bearer xxx
headers as a method for authentication viaauth.json
. If a repository domain is listed undergitlab-domains
in the config andauth.json
contains anhttp-basic
entry for that domain with the usernameoauth2
, the password will be sent as the token.GitLab isn't the only platform in the world using API tokens to authenticate. Right now you can add any functioning Composer repository with token-based authentication, GitLab-backed or not, to the
gitlab-domains
config and then configure a token as described and you'll authenticate just fine. Seems it would make sense to generalize this somehow. Perhaps dedicated token auth support inauth.json
that isn't tied to thegitlab-domains
config?My global
config.json
:That domain is not a GitLab instance. It's a Laravel app using Airlock, FWIW.
My global
auth.json
:And this works, but seems you could add proper support for Bearer token authentication rather than tie it just to GitLab. So no config required, and an
auth.json
like:Pretty sure this can currently be accomplished per-project when defining the repository with something like:
But for whatever reason I couldn't get that method to work at all. Ultimately I'd rather not be committing API tokens anyway.
Output of
composer diagnose
:The text was updated successfully, but these errors were encountered: