You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@maven.apache.org by "Michael Osipov (Jira)" <ji...@apache.org> on 2022/10/05 19:57:00 UTC

[jira] [Commented] (WAGON-630) Auto-update repository access tokens

    [ https://issues.apache.org/jira/browse/WAGON-630?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17613142#comment-17613142 ] 

Michael Osipov commented on WAGON-630:
--------------------------------------

This sounds like a totally custom solution. It might be better to add a custom auth scheme or interceptor to the HttpClient.

> Auto-update repository access tokens
> ------------------------------------
>
>                 Key: WAGON-630
>                 URL: https://issues.apache.org/jira/browse/WAGON-630
>             Project: Maven Wagon
>          Issue Type: New Feature
>          Components: wagon-http, wagon-http-lightweight
>            Reporter: Steve Mitchell
>            Priority: Major
>
> Support hands-free access to [repositories |https://stackoverflow.com/questions/73950826/setting-dynamic-password-from-maven]that authenticate with short-lived access tokens.  When needed, call out to a configured shell script to update a configured system property with the repo's temporary password.
> Implementation ideas: Receive from the shell script's stdout the content of a Java properties file.  Use a TTL property received from the shell script to set an expiration property – call the shell script only when the expiration property doesn't exist or will soon pass.  For security, prepend a configured prefix to the name of each system property to be set.
> Document the configuration parameters.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)