仅限Github API访问权限到用户的一个存储库 [英] Restrict Github API access to only one repository of an user

问题描述

我们有一个Web应用程序，它可以让用户编写代码并将其存储在我们服务器上的内部git存储库中。
现在我们希望允许用户与他的github存储库共享他的代码。所以我们浏览了github的api文档，并通过ouath2找到了一种方法。
但是为了实现这个功能，我们需要向用户请求写入权限，但github oauth访问范围只包含对用户所有存储库的写入权限，这对我们来说太过分了。

We have an web application, which lets the user write code and store it in an internal git repository on our server. Now we wanted to allow the user to share his code with his github repository. So we looked through the api documentation of github and found a way via ouath2. However to make this work, we need to request write access from the user, but github oauth access scopes only include write access to all repository of an user, which is way too much for us.

是否有可能限制一个用户的某个特定存储库的api访问？

Is it possible to restrict an api access for only one specific repository of an user?

推荐答案

按照 jasonrudolph 评论，目前无法限制对特定存储库的API访问。

As per jasonrudolph comment, it is not currently possible to restrict API access to a specific repository.

部署密钥是最接近的提供这种类型的功能。 （这不会从API的角度帮助您，但部署密钥可能会满足您的基础需求。）如果您的应用程序要生成公钥/私钥SSH密钥对，并且用户将公钥/私钥添加为部署密钥那么您可以使用私钥访问该存储库（无需访问用户的其他存储库）。

Deploy keys are the closest thing that provides this type of functionality. (This won't help you from an API perspective, but a deploy key might meet your underlying need.) If your application were to generate an public/private SSH keypair, and the user were to add the public key as a deploy key in the repository, then you could use the private key to access just that one repository (without having access to the user's other repositories).

这篇关于仅限Github API访问权限到用户的一个存储库的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！