Comments (6)
FWIW the OAuth spec (https://datatracker.ietf.org/doc/html/rfc8252#section-8.3) recommends using 127.0.0.1 instead of localhost:
While redirect URIs using localhost (i.e., "http://localhost:{port}/{path}") function similarly to loopback IP redirects described in Section 7.3, the use of localhost is NOT RECOMMENDED. Specifying a redirect URI with the loopback IP literal rather than localhost avoids inadvertently listening on network interfaces other than the loopback interface. It is also less susceptible to client-side firewalls and misconfigured host name resolution on the user's device.
And the server should allow any port to match loopback redirect URIs:
The authorization server MUST allow any port to be specified at the time of the request for loopback IP redirect URIs, to accommodate clients that obtain an available ephemeral port from the operating system at the time of the request.
from git-credential-manager.
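The two RFC 8252 rules quoted in the comment above, as an added Python example (not code from the thread, from git-credential-manager, or from any authorization server). The function names, the `/callback` path and the sample URIs are assumptions made for illustration; refusing port relaxation for `localhost` is a policy choice of this example.

```python
import ipaddress
import socket
from urllib.parse import urlsplit


def is_loopback_literal(host):
    """True only for loopback IP literals (127.0.0.0/8, ::1), never for names such as 'localhost'."""
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False


def redirect_uri_allowed(registered, requested):
    """Server side: exact match, except that the port is ignored for http loopback IP literals."""
    reg, req = urlsplit(registered), urlsplit(requested)
    try:
        req.port  # raises ValueError for a non-numeric or out-of-range port
    except ValueError:
        return False
    # Userinfo and fragments have no place in a redirect URI
    if req.fragment or req.username or req.password:
        return False
    if reg.scheme == "http" and reg.hostname and is_loopback_literal(reg.hostname):
        # Compare every component except the port (hypothetical policy helper)
        return (req.scheme, req.hostname, req.path, req.query) == \
               (reg.scheme, reg.hostname, reg.path, reg.query)
    return requested == registered


def open_loopback_listener():
    """Client side: bind to the loopback interface only and let the OS pick an ephemeral port."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.bind(("127.0.0.1", 0))  # port 0 = ephemeral port chosen by the OS
    sock.listen(1)
    port = sock.getsockname()[1]
    return sock, f"http://127.0.0.1:{port}/callback"


if __name__ == "__main__":
    listener, uri = open_loopback_listener()
    print(uri, redirect_uri_allowed("http://127.0.0.1/callback", uri))
    listener.close()
```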
@mminns Can you reproduce this?
from git-credential-manager.
You should be able to disable that check using a system property, e.g.
-Datlassian.oauth2.provider.skip.redirect.url.https.requirement=true
Looks like that is missing from the documentation
from git-credential-manager.
// Check if an entry already exists in the keychain
int findResult = SecKeychainFindGenericPassword(
    IntPtr.Zero, serviceNameLength, serviceName, accountLength, account,
    out uint passwordDataLength, out passwordData, out itemRef);
switch (findResult)
{
    // Update existing entry only if the password/secret is different
    case OK when !InteropUtils.AreEqual(secretBytes, passwordData, passwordDataLength):
        ThrowIfError(
            SecKeychainItemModifyAttributesAndData(itemRef, IntPtr.Zero, (uint) secretBytes.Length, secretBytes),
            "Could not update existing item"
        );
        break;
from git-credential-manager.