path: root/Documentation/technical/api-credentials.txt
AgeCommit message (Collapse)Author
2016-05-09Documentation: fix linkgit referencesJunio C Hamano
There are a handful of incorrect "linkgit:<page>[<section>]" instances in our documentation set. * Some have an extra colon after "linkgit:"; fix them by removing the extra colon; * Some refer to a page outside the Git suite, namely curl(1); fix them by using the `curl(1)` that already appears on the same page for the same purpose of referring the readers to its manual page. * Some spell the name of the page incorrectly, e.g. "rev-list" when they mean "git-rev-list"; fix them. * Some list the manual section incorrectly; fix them to make sure they match what is at the top of the target of the link. Signed-off-by: Junio C Hamano <>
2014-12-04credential: let helpers tell us to quitJeff King
When we are trying to fill a credential, we loop over the set of defined credential-helpers, then fall back to running askpass, and then finally prompt on the terminal. Helpers which cannot find a credential are free to tell us nothing, but they cannot currently ask us to stop prompting. This patch lets them provide a "quit" attribute, which asks us to stop the process entirely (avoiding running more helpers, as well as the askpass/terminal prompt). This has a few possible uses: 1. A helper which prompts the user itself (e.g., in a dialog) can provide a "cancel" button to the user to stop further prompts. 2. Some helpers may know that prompting cannot possibly work. For example, if their role is to broker a ticket from an external auth system and that auth system cannot be contacted, there is no point in continuing (we need a ticket to authenticate, and the user cannot provide one by typing it in). Signed-off-by: Jeff King <> Signed-off-by: Junio C Hamano <>
2013-04-12doc: various spelling fixesStefano Lattarini
Most of these were found using Lucas De Marchi's codespell tool. Signed-off-by: Stefano Lattarini <> Signed-off-by: Jonathan Nieder <> Signed-off-by: Junio C Hamano <>
2013-02-01Documentation: the name of the system is 'Git', not 'git'Thomas Ackermann
Signed-off-by: Thomas Ackermann <> Signed-off-by: Junio C Hamano <>
2012-06-25add 'git credential' plumbing commandJavier Roucher Iglesias
The credential API is in C, and not available to scripting languages. Expose the functionalities of the API by wrapping them into a new plumbing command "git credentials". In other words, replace the internal "test-credential" by an official Git command. Most documentation writen by: Jeff King <> Signed-off-by: Pavel Volek <> Signed-off-by: Kim Thuat Nguyen <> Signed-off-by: Javier Roucher Iglesias <> Signed-off-by: Matthieu Moy <> Signed-off-by: Junio C Hamano <>
2012-06-12api-credential.txt: document that helpers field is filled-in automaticallyMatthieu Moy
It was unclear whether the field was to be specified by the user of the API. Signed-off-by: Matthieu Moy <> Signed-off-by: Junio C Hamano <>
2012-06-08docs: fix cross-directory linkgit referencesJeff King
Most of our documentation is in a single directory, so using linkgit:git-config[1] just generates a relative link in the same directory. However, this is not the case with the API documentation in technical/*, which need to refer to git-config from the parent directory. We can fix this by passing a special prefix attribute when building in a subdirectory, and respecting that prefix in our linkgit definitions. We only have to modify the html linkgit definition. For manpages, we can ignore this for two reasons: 1. we do not generate actual links to the file in manpages, but instead just give the name and section of the linked manpage 2. we do not currently build manpages for subdirectories, only html Signed-off-by: Jeff King <> Signed-off-by: Matthieu Moy <> Signed-off-by: Junio C Hamano <>
2012-06-04api-credentials.txt: add "see also" sectionMatthieu Moy
Signed-off-by: Matthieu Moy <> Signed-off-by: Junio C Hamano <>
2012-06-04api-credentials.txt: mention credential.helper explicitlyMatthieu Moy
The name of the configuration variable was mentioned only at the very end of the explanation, in a place specific to a specific rule, hence it was not very clear what the specification was about. Signed-off-by: Matthieu Moy <> Signed-off-by: Junio C Hamano <>
2012-06-04api-credentials.txt: show the big picture firstMatthieu Moy
The API documentation targets two kinds of developers: those using the C API, and those writing remote-helpers. The document was not clear about which part was useful to which category, and for example, the C API could be mistakenly thought as an API for writting remote helpers. Based-on-patch-by: Jeff King <> Signed-off-by: Matthieu Moy <> Signed-off-by: Junio C Hamano <>
2011-12-12credential: add function for parsing url componentsJeff King
All of the components of a credential struct can be found in a URL. For example, the URL: contains: protocol=http path=repo.git username=foo password=bar We want to be able to turn URLs into broken-down credential structs so that we know two things: 1. Which parts of the username/password we still need 2. What the context of the request is (for prompting or as a key for storing credentials). This code is based on http_auth_init in http.c, but needed a few modifications in order to get all of the components that the credential object is interested in. Once the http code is switched over to the credential API, then http_auth_init can just go away. Signed-off-by: Jeff King <> Signed-off-by: Junio C Hamano <>
2011-12-12introduce credentials APIJeff King
There are a few places in git that need to get a username and password credential from the user; the most notable one is HTTP authentication for smart-http pushing. Right now the only choices for providing credentials are to put them plaintext into your ~/.netrc, or to have git prompt you (either on the terminal or via an askpass program). The former is not very secure, and the latter is not very convenient. Unfortunately, there is no "always best" solution for password management. The details will depend on the tradeoff you want between security and convenience, as well as how git can integrate with other security systems (e.g., many operating systems provide a keychain or password wallet for single sign-on). This patch provides an abstract notion of credentials as a data item, and provides three basic operations: - fill (i.e., acquire from external storage or from the user) - approve (mark a credential as "working" for further storage) - reject (mark a credential as "not working", so it can be removed from storage) These operations can be backed by external helper processes that interact with system- or user-specific secure storage. Signed-off-by: Jeff King <> Signed-off-by: Junio C Hamano <>