我使用Bitbucket并希望在不使用我的飞机密码的情况下自动拉/推/克隆工作。为此目的,我为生成Oauth2访问令牌取得了一些进展。我的脚本看起来像这样:
consumer_key=XXXXXXXXXXXXXXXXXX
consumer_secret=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
oauth2_return_str=$(curl -X POST https://bitbucket.org/site/oauth2/access_token -u "${consumer_key}:${consumer_secret}" -d grant_type=client_credentials 2>/dev/null)
oauth2_token=$(echo $oauth2_return_str | awk '{print $2}' | sed 's|[",]||g')
echo $oauth2_token
可能有一个clone个班轮:
git clone "https://x-token-auth:$(curl -k -X POST https://bitbucket.org/site/oauth2/access_token -u "XXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" -d grant_type=client_credentials | awk '{print $2}' | sed 's|[",]||g')@bitbucket.org/USER/REPO.git"
无论如何,不是每小时重写config文件(令牌只有一小时有效),我发现GIT_ASKPASS似乎适合于此目的:
GIT_ASKPASS
If this environment variable is set, then git commands which need to
acquire passwords or passphrases (e.g. for HTTP or IMAP authentication)
will call this program with a suitable prompt as command line argument
and read the password from its STDOUT. See also the core.askpass option
in git-config(1).
为了完整性:
core.askPass
Some commands (e.g. svn and http interfaces) that interactively ask for
a password can be told to use an external program given via the value of
this variable. Can be overridden by the GIT_ASKPASS environment
variable. If not set, fall back to the value of the SSH_ASKPASS
environment variable or, failing that, a simple password prompt. The
external program shall be given a suitable prompt as command-line
argument and write the password on its STDOUT.
所以我写了一个测试脚本:
GIT_ASKPASS=gen-token.bat
GIT_CURL_VERBOSE=1
git clone "https://x-token-auth@bitbucket.org/USER/REPO.git"
但仍然提示我输入密码对话框。如果我然后输入生成的令牌,一切都按预期工作。我做错了什么?
修改 好的git似乎对环境变量有点挑剔。我把测试脚本改为
GIT_ASKPASS=gen-token.bat git clone "https://x-token-auth@bitbucket.org/USER/REPO.git"
然后它起作用了。 git config --global core.askPass /path-to/gen-token.sh在全球范围内提供了支持。