Git remotes should support HTTP Bearer authentication with OAuth token
GitLab's HTTPS remotes support only Basic authentication (username and password, though the password might be a personal access token).
> http -h "https://gitlab.com/gitlab-org/gitlab.git/info/refs?service=git-receive-pack"
...
WWW-Authenticate: Basic realm="GitLab"
To authenticate with an OAuth token you have to use the magic username oauth2
together with the oauth token as password. This works, but apps have to special case GitLab because other forges require a different magic username (eg. BitBucket requires username x-token-auth
).
It would thus be handy to also support Bearer authentication with OAuth token (no username involved). After all, this is how the OAuth standard expects that clients authenticate to servers! Apps wouldn't have to special case GitLab.
Note that Git doesn't currently support Bearer authentication, but it's been proposed in future.
Edited by M Hickford