search

vermiculus / magithub

**DEPRECATED - please use Forge instead!** -- Magit-based interfaces to GitHub
GNU General Public License v3.0
579 stars 62 forks source link

Support git config authentication (~/.gitconfig.local) #376

Closed creichert closed 5 years ago

creichert commented 5 years ago

I have a token defined in ~/.gitconfig.local that I use for some applications which don't require critical access, or that I've created a specific token for.

Today, I installed magithub and it did not have the option to use a token from the [github] section of my gitconfig. 

[include]
  # For username / creds / etc
  path = ~/.gitconfig.local
[alias]
  ... 
.gitconfig.local:
[user]
  user = me@gmail.com
  name = my name
  email =  me@gmail.com
  token = a123uber456secret789ceprivate000key78
[github]
        user = meongithub
        oauth-token = a123uber456secret789ceprivate000key78

or, using gitcredentials.helper but I'm not familiar with this option.

[credential]
  helper = osxkeychain

--

Here's some detail to indicate that it's a frequently recommended technique:

Some of the links suggest that it's possible users might already have tokens setup in ~/.gitconfig in a [github].

fwiw, setting up authinfo.gpg isn't really a problem for me but this feature would potentially be 1 less step for other users who might have setup their oauth-token in a gitconfig outside of emacs.

creichert commented 5 years ago

There's some prior discussion in #360

and in the magit issue tracker: https://github.com/magit/magit/issues/2973

Personally, I agree that having unencrypted tokens sitting on the filesystem is not secure or desirable.

That said, it does look like [credentials] is worth another look as it can integration with many different ways of accessing the users default password manager.

If I had to pick a "recommended" method, I would say the gitconfig methods would be preferred and the emacs authinfo methods should still be supported (assuming gitconfig.(github|credentials) even works in this case).

vermiculus commented 5 years ago

This sounds like a more basic/fundamental discussion more appropriate for magit/ghub.

This is definitely one of those instances where emacs idioms are at odds with the software being integrated. Both are valid and as to which one should be 'preferred', I don't think any preference is appropriate.

Please open this issue on the other repository, though -- Jonas will want to hear this use-case.