Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit91c17b7

Browse files
nejchJohnVillalovos
authored andcommitted
docs: describe ROPC flow in place of password authentication
1 parent768890a commit91c17b7

File tree

2 files changed

+21
-20
lines changed

2 files changed

+21
-20
lines changed

‎docs/api-usage.rst

Lines changed: 19 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -9,6 +9,15 @@ python-gitlab only supports GitLab API v4.
99

1010
To connect to GitLab.com or another GitLab instance, create a ``gitlab.Gitlab`` object:
1111

12+
..hint::
13+
14+
You can use different types of tokens for authenticated requests against the GitLab API.
15+
You will most likely want to use a resource (project/group) access token or a personal
16+
access token.
17+
18+
For the full list of available options and how to obtain these tokens, please see
19+
https://docs.gitlab.com/ee/api/index.html#authentication.
20+
1221
..code-block::python
1322
1423
import gitlab
@@ -37,9 +46,8 @@ To connect to GitLab.com or another GitLab instance, create a ``gitlab.Gitlab``
3746
# Define your own custom user agent for requests
3847
gl= gitlab.Gitlab('https://gitlab.example.com',user_agent='my-package/1.0.0')
3948
40-
# make an API request to create the gl.user object. This is mandatory if you
41-
# use the username/password authentication - not required for token authentication,
42-
# and will not work with job tokens.
49+
# make an API request to create the gl.user object. This is not required but may be useful
50+
# to validate your token authentication. Note that this will not work with job tokens.
4351
gl.auth()
4452
4553
You can also use configuration files to create ``gitlab.Gitlab`` objects:
@@ -68,18 +76,16 @@ configuration files.
6876
Note on password authentication
6977
-------------------------------
7078

71-
The ``/session`` API endpoint used for username/passwordauthentication has
72-
been removed from GitLab in version 10.2, and is not available ongitlab.com
73-
anymore. Personal token authentication is the preferred authentication method.
79+
GitLab has long removedpassword-based basicauthentication. You can currently still use the
80+
`resource owner password credentials<https://docs.gitlab.com/ee/api/oauth2.html#resource-owner-password-credentials-flow>`_
81+
flow to obtain an OAuth token.
7482

75-
If you need username/password authentication, you can use cookie-based
76-
authentication. You can use the web UI form to authenticate, retrieve cookies,
77-
and then use a custom ``requests.Session`` object to connect to the GitLab API.
78-
The following code snippet demonstrates how to automate this:
79-
https://gist.github.com/gpocentek/bd4c3fbf8a6ce226ebddc4aad6b46c0a.
83+
However, we do not recommend this as it will not work with 2FA enabled, and GitLab is removing
84+
ROPC-based flows without client IDs in a future release. We recommend you obtain tokens for
85+
automated workflows as linked above or obtain a session cookie from your browser.
8086

81-
See `issue 380<https://github.com/python-gitlab/python-gitlab/issues/380>`_
82-
for a detailed discussion.
87+
For apython example of password authentication using the ROPC-based OAuth2
88+
flow, see `this Ansible snippet<https://github.com/ansible-collections/community.general/blob/1c06e237c8100ac30d3941d5a3869a4428ba2974/plugins/module_utils/gitlab.py#L86-L92>`_.
8389

8490
Managers
8591
========

‎docs/cli-usage.rst

Lines changed: 2 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -176,16 +176,11 @@ We recommend that you use `Credential helpers`_ to securely store your tokens.
176176
to learn how to obtain a token.
177177
* - ``api_version``
178178
- GitLab API version to use. Only ``4`` is available since 1.5.0.
179-
* - ``http_username``
180-
- Username for optional HTTP authentication
181-
* - ``http_password``
182-
- Password for optional HTTP authentication
183-
184179

185180
Credential helpers
186181
------------------
187182

188-
For all configuration options that contain secrets (``http_password``,
183+
For all configuration options that contain secrets (for example,
189184
``personal_token``, ``oauth_token``, ``job_token``), you can specify
190185
a helper program to retrieve the secret indicated by a ``helper:``
191186
prefix. This allows you to fetch values from a local keyring store
@@ -229,7 +224,7 @@ In `/path/to/helper.sh`:
229224
..code-block::bash
230225
231226
#!/bin/bash
232-
pass show path/to/password| head -n 1
227+
pass show path/to/credentials| head -n 1
233228
234229
CLI
235230
===

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp