Bucket from private repository

[prnxdev]

Hi,

I wanted to create my private bucket. So after successful adding bucket to project I wanted to install App. But my .ps1 file is full of OAuth2 HTML after install. Is this possible to use credentials when we wants to install app?

[lukesampson]

We don't have support for credentials, sorry. There are a couple of things that might help, but nothing like OAuth2 support.

• HTTP basic authentication: not sure if this will even work, but you could try including the username and password in the download url, e.g. https://username:password@host/path/to/file.zip. I know you're thinking that's very insecure, and I agree. I guess it depends how comfortable with that and how private your bucket is, and how secret the credentials are.
• cookies: if the server will be happy with a cookie to let you in, you can add cookie headers. See Oracle JDK for an example.

[prnxdev]

Ok, got it. I will try to find some workaround :) . Thanks.
But it would be kinda cool if you could add some credentials (in PowerShell there is Get-Credentials cmdlet) :).

[krokofant]

I have a solution to install powershell modules from private Azure Artifacts feeds but it requires nuget.exe and this ms credentials provider which has a smooth .ps1 automatic installer.

It's maybe a bit too much to ask for to have all scoop consumers have these dependencies but it's nice when it's setup.

[rashil2000]

#4243

[KoltesDigital]

FTR, basic auth as prefix of URL domain is not taken into account, it's a limitation from Net.WebRequest, whereby Authorization header has to be carefully added. Thankfully, since #5152, users can add headers through the config file. scoop config key value seems unable to set the value since it's not a simple value, so you have to edit config.json directly.

{
...
	"private_hosts": [
		{
			"match": "^https://cdn.example.com/",
			"headers": "Authorization = Basic XYZ"
		}
	],
}

where XYZ is base-64-encoded user + ':' + password.