Update authentication methods in documentation
parent
9ca7457698
commit
2c8cbebd85
|
@ -900,9 +900,10 @@ If set to 1, this env allows running Composer when the Xdebug extension is enabl
|
|||
### COMPOSER_AUTH
|
||||
|
||||
The `COMPOSER_AUTH` var allows you to set up authentication as an environment variable.
|
||||
The contents of the variable should be a JSON formatted object containing http-basic,
|
||||
github-oauth, bitbucket-oauth, ... objects as needed, and following the
|
||||
[spec from the config](06-config.md#gitlab-oauth).
|
||||
The contents of the variable should be a JSON formatted object containing [http-basic,
|
||||
github-oauth, bitbucket-oauth, ... objects as needed](articles/authentication-for-private-packages.md),
|
||||
and following the
|
||||
[spec from the config](06-config.md).
|
||||
|
||||
### COMPOSER_BIN_DIR
|
||||
|
||||
|
|
|
@ -71,9 +71,9 @@ URL.
|
|||
A list of domain names and oauth keys. For example using `{"github.com":
|
||||
"oauthtoken"}` as the value of this option will use `oauthtoken` to access
|
||||
private repositories on github and to circumvent the low IP-based rate limiting
|
||||
of their API. [Read
|
||||
more](articles/troubleshooting.md#api-rate-limit-and-oauth-tokens) on how to get
|
||||
an OAuth token for GitHub.
|
||||
of their API. Composer may prompt for credentials when needed, but these can also be
|
||||
manually set. Read more on how to get an OAuth token for GitHub and cli syntax
|
||||
[here](articles/authentication-for-private-packages.md#github-oauth).
|
||||
|
||||
## gitlab-oauth
|
||||
|
||||
|
|
|
@ -22,6 +22,8 @@ for credentials and save them (or a token if Composer is able to retrieve one).
|
|||
|[Custom header](#custom-token-authentication)|no|
|
||||
|[gitlab-oauth](#gitlab-oauth)|yes|
|
||||
|[gitlab-token](#gitlab-token)|yes|
|
||||
|[github-oauth](#github-oauth)|yes|
|
||||
|[bitbucket-oauth](#bitbucket-oauth)|yes|
|
||||
|
||||
Sometimes automatic authentication is not possible, or you may want to predefine
|
||||
authentication credentials.
|
||||
|
@ -93,6 +95,16 @@ You can open this file in your favorite editor and fix the error.
|
|||
It is also possible to add credentials to a `composer.json` on a per-project basis in the `config`
|
||||
section or directly in the repository definition.
|
||||
|
||||
## Authentication using the COMPOSER_AUTH environment variable
|
||||
|
||||
> **Note:** Using this method also has security implications.
|
||||
> Credentials passed using command line environment variables will most likely be stored in memory,
|
||||
> and on be persisted to a file like ```~/.bash_history```(linux) or ```ConsoleHost_history.txt```
|
||||
> (Powershell on Windows) when closing a session.
|
||||
|
||||
The final option to supply Composer with credentials is to use the ```COMPOSER_AUTH``` environment variable.
|
||||
Read more about the usage of this environment variable [here](../03-cli.md#COMPOSER_AUTH).
|
||||
|
||||
# Authentication methods
|
||||
|
||||
## http-basic
|
||||
|
@ -224,3 +236,55 @@ composer config [--global] --editor --auth
|
|||
}
|
||||
}
|
||||
```
|
||||
|
||||
## github-oauth
|
||||
|
||||
To create a new access token, head to your [token settings section on Github](https://github.com/settings/tokens) and [generate a new token](https://github.com/settings/tokens/new). For public repositories when rate limited, the ```public_repo``` scope is required, for private repositories the ```repo:status``` scope is needed.
|
||||
Read more about it [here](https://github.com/blog/1509-personal-api-tokens).
|
||||
|
||||
### Command line github-oauth
|
||||
|
||||
```sh
|
||||
composer config [--global] github-oauth.github.com token
|
||||
```
|
||||
|
||||
### Manual github-oauth
|
||||
|
||||
```sh
|
||||
composer config [--global] --editor --auth
|
||||
```
|
||||
|
||||
```json
|
||||
{
|
||||
"github-oauth": {
|
||||
"github.com": "token"
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
## bitbucket-oauth
|
||||
|
||||
Read more about how to set up oauth on bitbucket [here](https://support.atlassian.com/bitbucket-cloud/docs/use-oauth-on-bitbucket-cloud/).
|
||||
|
||||
### Command line bitbucket-oauth
|
||||
|
||||
```sh
|
||||
composer config [--global] bitbucket-oauth.bitbucket.org cosumer-key consumer-secret
|
||||
```
|
||||
|
||||
### Manual bitbucket-oauth
|
||||
|
||||
```sh
|
||||
composer config [--global] --editor --auth
|
||||
```
|
||||
|
||||
```json
|
||||
{
|
||||
"bitbucket-oauth": {
|
||||
"bitbucket.org": {
|
||||
"consumer-key": "key",
|
||||
"consumer-secret": "secret"
|
||||
}
|
||||
}
|
||||
}
|
||||
```
|
||||
|
|
|
@ -177,12 +177,7 @@ Because of GitHub's rate limits on their API it can happen that Composer prompts
|
|||
for authentication asking your username and password so it can go ahead with its work.
|
||||
|
||||
If you would prefer not to provide your GitHub credentials to Composer you can
|
||||
manually create a token using the following procedure:
|
||||
|
||||
1. [Create](https://github.com/settings/tokens) an OAuth token on GitHub.
|
||||
[Read more](https://github.com/blog/1509-personal-api-tokens) on this.
|
||||
|
||||
2. Add it to the configuration running `composer config -g github-oauth.github.com <oauthtoken>`
|
||||
manually create a token using the [procedure documented here](authentication-for-private-packages.md#github-oauth).
|
||||
|
||||
Now Composer should install/update without asking for authentication.
|
||||
|
||||
|
|
Loading…
Reference in New Issue