[英]Authenticating to Azure Devops Git repo
We are working on a system to automatically commit generated projects into Git repositories located in Azure Devops.我们正在开发一个系统,以自动将生成的项目提交到位于 Azure Devops 的 Git 存储库中。 We want to use libgit2sharp for this.
我们想为此使用 libgit2sharp。 We want the user to authenticate using their Microsoft account, grab the Access Token(jwt) from the authentication request and use that as means of authentication.
我们希望用户使用他们的 Microsoft 帐户进行身份验证,从身份验证请求中获取访问令牌 (jwt) 并将其用作身份验证手段。 But we cannot seem to get this working.
但我们似乎无法让它发挥作用。
In another post I read 2 other authentication methods: 1. Alternative accounts.在另一篇文章中,我阅读了另外两种身份验证方法: 1. 替代帐户。 2. Personal Access Tokens, PAT.
2. 个人访问令牌,PAT。 Both made in the profile sections of your devops account.
两者都在您的 devops 帐户的配置文件部分中制作。
I can get Alternative accounts to work perfectly but this is not our preferred route as it will require extra actions from the user.我可以让替代帐户完美运行,但这不是我们的首选路线,因为它需要用户采取额外的行动。 The PAT does not seem to work for me and throws me an error that there were "too many redirects or authentication replays".
PAT 似乎对我不起作用,并向我抛出一个错误,即“重定向或身份验证重放次数过多”。 I figured this is because of the two factor authentication that is enabled on the Microsoft account.
我认为这是因为在 Microsoft 帐户上启用了两因素身份验证。
Is it even supported to use an Access Token(jwt) in LibGit2Sharp with 2FA enabled?是否支持在启用 2FA 的 LibGit2Sharp 中使用访问令牌(jwt)?
using (var repo = new Repository({repo location}))
{
foreach (var file in file)
{
repo.Index.Add(file.Path);
repo.Index.Write();
}
var author = new Signature("{name}", "{name}", DateTime.Now);
var committer = author;
repo.Commit("Here's a commit i made!", author, committer);
var options = new PushOptions();
options.CredentialsProvider = (url, user, cred) => new UsernamePasswordCredentials() { Username = "{username}", Password = "{password}" };
repo.Network.Push(repo.Branches["master"], options);
}
Personal Access Tokens (PAT) do bypass MFA so that is probably not the error you're getting.个人访问令牌 (PAT)确实绕过了 MFA,因此这可能不是您遇到的错误。 A PAT is your best option, at the moment of the push you need the
remote-url
of your local Git repo to be as follows: PAT 是您的最佳选择,在推送时,您需要本地 Git 存储库的
remote-url
如下:
https://pat:{PAT_HERE}@dev.azure.com/...
eg例如
https://pat:gaakbfootuial7ksj4uv55o52335tyhhaasbqdvbg5xgyy33t754@dev.azure.com/auroraloop/devenv/_git/devenv
Tips:提示:
The options.CredentialsProvider
part of your code is probably doing exactly what I mentioned about the remote-url
try setting it as follows:您的代码的
options.CredentialsProvider
部分可能完全按照我提到的remote-url
尝试设置如下:
options.CredentialsProvider = (url, user, cred) => new UsernamePasswordCredentials() { Username = "pat", Password = "{PAT_HERE}" };
Hardcode the PAT for testing and if successful take a look at the Azure Key Vault approach.对 PAT 进行硬编码以进行测试,如果成功,请查看 Azure Key Vault 方法。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.