Username is required when using fine-grained vs classic PAT (personal access token) for PlainClone operation
byteams opened this issue · comments
The documentation suggests that username can be left empty or filled with any empty string when using a PAT as follows
r, err = git.PlainClone(path, false, &git.CloneOptions{
URL: repo_url,
Auth: &gogithttp.BasicAuth{
Username: "", // can be anything except an empty string
Password: token,
},
})
However, I'm finding that this behaves differently for the newer fine-grained tokens (as opposed to classic tokens), where now you're required to provide the actual username in the value.
Here's how to reproduce:
Get a new fine-grained access token from https://github.com/settings/personal-access-tokens/new:
Step 1: Give it a token name (not important)
Step 2: Select Resource Owner (important, select your organization with private repositories)
Step 3: Select All repositories
Step 4: From the list of permissions, find Contents then grant Read-only access.
Step 5: try running the above code with and without username
If it's reproducible, there are a few options I'd like to suggest:
- changing the code to maintain the same behavior for both types of tokens. We can do this by getting user info before calling clone,
or - introducing optional type to BasicAuth
or - introducing NonBasicAuth or "FineGrainedAuth"
or - just clarifying in the documentation
Curious to hear if others are able to reproduce this issue