As a developer consuming Git Proxy, it would be convenient for GitProxy to act on behalf of users via a OAuth style integration to enable functions such as PR/MR creation, comments and reviews, etc. There is a current gap in the lifecycle of a contribution which git over HTTPS or SSH cannot accommodate directly. These operations often are accessible via APIs. However, those APIs are specific to the SCM provider and not generic.
A few open questions:
- How extensible is GitProxy's current authentication mechanisms today? Is it possible to extend the UI to handle SCM specific authentication flows (OAuth, etc)?
- Is it secure enough to store user session tokens per SCM? Should this be a standalone application instead which integrates with GitProxy but is not directly embedded?
- Which SCM providers is this possible to accomplish? There is known OAuth support for GitHub and GitLab. Other providers such as Codeberg (built on top of Forgejo) seem to have support for this as well but it's not guaranteed for all public
git providers.
Related issues:
As a developer consuming Git Proxy, it would be convenient for GitProxy to act on behalf of users via a OAuth style integration to enable functions such as PR/MR creation, comments and reviews, etc. There is a current gap in the lifecycle of a contribution which
gitover HTTPS or SSH cannot accommodate directly. These operations often are accessible via APIs. However, those APIs are specific to the SCM provider and not generic.A few open questions:
gitproviders.Related issues: