当前位置:theitroad>git 如何使用令牌操作 Bitbucket 存储库?

git 如何使用令牌操作 Bitbucket 存储库?

声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow 原文地址: http://stackoverflow.com/questions/24965307/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me): StackOverFlow

提示:将鼠标放在中文语句上可以显示对应的英文。显示中英文
时间:2020-09-10 18:21:22  来源:igfitidea点击:

How to manipulate Bitbucket repository with token?

gitoauthmercurialbitbucket

提问by Gábor Domonkos

I followed this documentation to get a token value and a token secret from bitbucket:
https://confluence.atlassian.com/display/BITBUCKET/OAuth+on+Bitbucket

我按照此文档从 bitbucket 获取令牌值和令牌秘密:https://confluence.atlassian.com/display/BITBUCKET/OAuth+on+Bitbucket

After that I want to push/pull to a given repo by using that token.

之后,我想使用该令牌推/拉到给定的存储库。

At Github I can use the token like this way: https://help.github.com/articles/git-automation-with-oauth-tokens#step-2-clone-a-repository

在 Github,我可以这样使用令牌:https: //help.github.com/articles/git-automation-with-oauth-tokens#step-2-clone-a-repository

My question is how can I use this kind of http authorization at bitbucket (mercurial/git)?

我的问题是如何在 bitbucket (mercurial/git) 上使用这种 http 授权?

采纳答案by VonC

This BitBucket page mentions:

这个BitBucket 页面提到

We recently introduced OAuth 2 and also added the ability to use them as HTTP Basic Auth credentials.

Cloning a repository with an access token

Since add-ons will not be able to upload their own SSH keys to clone with, access tokens can be used as Basic HTTP Auth credentials to clone securely over HTTPS.

git clone https://x-token-auth:{access_token}@bitbucket.org/user/repo.git

The literal string x-token-authas a substitute for username is required.

Our process is similar to GitHub, yet slightly different: the difference is GitHub puts the actual token in the username field.

我们最近推出了 OAuth 2 并添加了将它们用作HTTP 基本身份验证凭据的功能

使用访问令牌克隆存储库

由于附加组件无法上传自己的 SSH 密钥进行克隆,因此访问令牌可以用作基本 HTTP 身份验证凭据,以通过 HTTPS 安全地克隆。

git clone https://x-token-auth:{access_token}@bitbucket.org/user/repo.git

需要用文字字符串x-token-auth代替用户名。

我们的流程与 GitHub 类似,但略有不同:不同之处在于 GitHub 将实际令牌放在用户名字段中。

See more at "OAuth on Bitbucket Cloud", as suggested in the commentsby nick graziano.

查看更多在“关于到位桶云OAuth的”,如建议在评论尼克·格拉济阿诺

回答by Psymatix

I used an App password which I created from the Bitbucket Cpanel under Settings -> Access management (sidebar) -> App Passwords. After I did this I cloned the repo by using my username and the new app password as follows:

我使用了从 Bitbucket Cpanel 下的设置 -> 访问管理(侧边栏) -> 应用密码创建的应用密码。完成此操作后,我使用我的用户名和新的应用程序密码克隆了 repo,如下所示:

https://[your_user_name]:[app_password]@bitbucket.org/[your_user_name]/[repo_name].git

回答by Erik van Zijst

First of all: only OAuth 2 tokens can be used to clone repos

首先:只有 OAuth 2 令牌可用于克隆 repos

While unclear from this page, I've seen people try to use OAuth 1 access tokens. Unfortunately Git and Mercurial do not support OAuth 1 and so it is not possible to clone repos that way.

虽然本页不清楚,但我看到人们尝试使用 OAuth 1 访问令牌。不幸的是,Git 和 Mercurial 不支持 OAuth 1,因此不可能以这种方式克隆存储库。

This is because OAuth 1 requires requests to be uniquely signed. The token itself is merely one of the input variables for the cryptographic signing process that git and hg do not support.

这是因为 OAuth 1 要求对请求进行唯一签名。令牌本身只是 git 和 hg 不支持的加密签名过程的输入变量之一。

Now we did indeed recently add support for OAuth 2 which, despite its name, is a very different protocol and does not include cryptographic signing. As a result, OAuth 2 tokens can be used to clone over https.

现在我们确实最近确实添加了对 OAuth 2 的支持,尽管它的名字是一个非常不同的协议,并且不包括加密签名。因此,OAuth 2 令牌可用于通过 https 进行克隆。

Here's a dump of me creating a new OAuth 2 access/bearer token and using it to clone one of my private repos:

这是我创建一个新的 OAuth 2 访问/不记名令牌并使用它来克隆我的一个私人存储库的转储:

$ curl https://bitbucket.org/site/oauth2/access_token \
  -d grant_type=client_credentials \
  -u dqN7QFLwJEcHsHadYw:pzvZG25WEDqbm9aeUVRHtQRHgTRgDr9t
{
  "access_token": "He1rBW1eYAzmT3ePJcvYDtkIcF1Pb1izZHo8oqpKMEL5ivsku71qkjfumVgR2bWsCiRM7XeEmbVffxU92w==",
  "scopes": "repository email",
  "expires_in": 3600,
  "refresh_token": "pfcnxSpXNPAeTcYhcQ",
  "token_type": "bearer"
}
$ git clone "https://x-token-auth:JU5dAtlMD30BisLpDkIap7T18Ry9v6p0Xif4owkQUyen_rLx5_B3PjjeqhLhpde0ezR1wyGLeqYE2HA49A==@bitbucket.org/evzijst/crypt"
Cloning into 'crypt'...
remote: Counting objects: 26, done.
remote: Compressing objects: 100% (25/25), done.
remote: Total 26 (delta 8), reused 0 (delta 0)
Unpacking objects: 100% (26/26), done.
Checking connectivity... done.

Now be aware that OAuth 2 tokens expire in an hour. After that they will cease to work. Depending on how you obtained the access token you may have a refresh token. You can use this refresh token to issue a new access token immediately before attempting to clone, to avoid expiration.

现在请注意,OAuth 2 令牌会在一小时内过期。之后他们将停止工作。根据您获取访问令牌的方式,您可能拥有刷新令牌。您可以在尝试克隆之前立即使用此刷新令牌发出新的访问令牌,以避免过期。

回答by Vahid PG

To manipulate Bitbucket repository with token:

要使用令牌操作 Bitbucket 存储库:

  1. First you create an "Oauth" in access management section of your bitbucket account setting. This gives you a "Key" and a "Secret". You have done this bit.

  2. Now using these Key and Secret you ask Bitbucket for a token. In my case I made a http request to https://bitbucket.org/site/oauth2/access_token. I could do it with Curl or some Ajax library like this: 

    curl -X POST -u "yourKeyHere:yourSecretHere"  https://bitbucket.org/site/oauth2/access_token -d  grant_type=client_credentials

    alternatively, my http request was like this (using superagent in node) with my Content-Typeset to application/x-www-form-urlencodedyou can use postman:

    request.post("https://yourKeyHere:[email protected]/site/oauth2/      access_token").send('grant_type=client_credentials');`

    the result is like this:

    {
   "access_token": "blah blah blah HXAhrfr8YeIqGTpkyFio=",
   "scopes": "pipeline snippet issue pullrequest project team account",
   "expires_in": 3600,
   "refresh_token": "hsadgsadvkQ",
   "token_type": "bearer"
}

  3. Now that you have the "access_token", clone a private repo with it. But the url to your repo should be like this (keep the bracket around token):

    https://x-token-auth:{tokenHere}@bitbucket.org/yourRepoOwnerHere/RepoNameHere.git

  1. 首先,您在 bitbucket 帐户设置的访问管理部分创建一个“Oauth”。这给你一个“钥匙”和一个“秘密”。你已经做到了这一点。

  2. 现在使用这些 Key 和 Secret,您可以向 Bitbucket 索取令牌。就我而言,我向https://bitbucket.org/site/oauth2/access_token. 我可以用 Curl 或像这样的一些 Ajax 库来做到这一点:

    curl -X POST -u "yourKeyHere:yourSecretHere"  https://bitbucket.org/site/oauth2/access_token -d  grant_type=client_credentials

    或者,我的 http 请求是这样的(在节点中使用超级代理),我的Content-Type设置为application/x-www-form-urlencoded您可以使用邮递员:

    request.post("https://yourKeyHere:[email protected]/site/oauth2/      access_token").send('grant_type=client_credentials');`

    结果是这样的:

    {
   "access_token": "blah blah blah HXAhrfr8YeIqGTpkyFio=",
   "scopes": "pipeline snippet issue pullrequest project team account",
   "expires_in": 3600,
   "refresh_token": "hsadgsadvkQ",
   "token_type": "bearer"
}

  3. 现在您有了“access_token”,用它克隆一个私有仓库。但是你的 repo 的 url 应该是这样的(保持令牌周围的括号):

    https://x-token-auth:{tokenHere}@bitbucket.org/yourRepoOwnerHere/RepoNameHere.git

回答by Gildas

I know this is a fairly old thread, but, just in case, I wrote my own credential store to manage bitbucket's token:

我知道这是一个相当古老的线程,但为了以防万一,我编写了自己的凭证存储来管理 bitbucket 的令牌:

https://github.com/gildas/git-credential-bitbucket

https://github.com/gildas/git-credential-bitbucket

相关推荐

如何减少 Bitbucket 上的 git repo 大小?

如何减少 Bitbucket 上的 git repo 大小?

无法连接到 git 远程存储库

无法连接到 git 远程存储库

git 将 Docker 镜像中的用户切换为非 root 用户

git 将 Docker 镜像中的用户切换为非 root 用户

'git reset --hard HEAD~1' 和 'git reset --soft HEAD~1' 有什么区别?

'git reset --hard HEAD~1' 和 'git reset --soft HEAD~1' 有什么区别?

相关推荐
最近更新
标签