JGit is a pure Java library implementing the Git version control system. It is an Eclipse project and started out as the Git library for EGit, which provides a Git integration into the Eclipse IDE.

A Guide to JGit
JGit - Tutorial
JGit User Guide

基礎(chǔ)的流程包括：clone肛跌、更新內(nèi)容艺配、提交commit、推送惋砂。教程通常缺少最后一步：推送更新到遠(yuǎn)端妒挎。

使用用戶名、密碼方式——

   Git git = Git.open(localPath); 

    // add remote repo:
    RemoteAddCommand remoteAddCommand = git.remoteAdd();
    remoteAddCommand.setName("origin");
    remoteAddCommand.setUri(new URIish(httpUrl));
    // you can add more settings here if needed
    remoteAddCommand.call();

    // push to remote:
    PushCommand pushCommand = git.push();
    pushCommand.setCredentialsProvider(new UsernamePasswordCredentialsProvider("username", "password"));
    // you can add more settings here if needed
    pushCommand.call();    

針對github可優(yōu)化未token方式西饵，從github tokens這里新建一個自己的token酝掩，然后上面的Credential Provider可以直接使用new UsernamePasswordCredentialsProvider("token", ""即可。

上面的內(nèi)容親測可用眷柔。

GitHub uses password authentication for https URLs and public-key authentication for SSH URLs

使用public key時需要注意：Windows環(huán)境下生成的私鑰默認(rèn)無法識別（因為head行不兼容期虾，參考這里）使用ssh-keygen -p -f file -m pem -P passphrase -N passphrase進(jìn)行重置（如果創(chuàng)建時passphrase沒有設(shè)置，使用""代替即可）

JGit Authentication Explained這里提到了各個不同協(xié)議使用的區(qū)別驯嘱。使用SSH的方式暫未驗證镶苞。

org.eclipse.jgit.test官方測試庫里有對應(yīng)的代碼。

通常使用的兩種方式——

• https://github.com/username/project.git需要使用用戶名+密碼登錄
• git@github.com:username/project.git表示SSH方式登錄

這里對各個協(xié)議類型做了詳細(xì)的說明鞠评。備份如下——

Primary differences between SSH and HTTPS. This post is specifically about accessing Git repositories on GitHub.

Protocols to choose from when cloning:

plain Git, aka git://github.com/

• Does not add security beyond what Git itself provides. The server is not verified.

  If you clone a repository over git://, you should check if the latest commit's hash is correct.

• You cannot push over it. (But see "Mixing protocols" below.)

HTTPS, aka https://github.com/

• HTTPS will always verify the server automatically, using certificate authorities.

• (On the other hand, in the past years several certificate authorities have been broken into, and many people consider them not secure enough. Also, some important HTTPS security enhancements are only available in web browsers, but not in Git.)

• Uses password authentication for pushing, and still allows anonymous pull.

• Downside: You have to enter your GitHub password every time you push. Git can remember passwords for a few minutes, but you need to be careful when storing the password permanently – since it can be used to change anything in your GitHub account.

• If you have two-factor authentication enabled, you will have to use a personal access token instead of your regular password.

• HTTPS works practically everywhere, even in places which block SSH and plain-Git protocols. In some cases, it can even be a little faster than SSH, especially over high-latency connections.

HTTP, aka http://github.com/

• Doesn't work with GitHub anymore, but is offered by some other Git hosts.

• Works practically everywhere, like HTTPS.

• But does not provide any security – the connection is plain-text.

SSH, aka git@github.com: or ssh://git@github.com/

• Uses public-key authentication. You have to generate a keypair (or "public key"), then add it to your GitHub account.

• Using keys is more secure than passwords, since you can add many to the same account (for example, a key for every computer you use GitHub from). The private keys on your computer can be protected with passphrases.

• On the other hand, since you do not use the password, GitHub does not require two-factor auth codes either – so whoever obtains your private key can push to your repositories without needing the code generator device.

• However, the keys only allow pushing/pulling, but not editing account details. If you lose the private key (or if it gets stolen), you can just remove it from your GitHub account.

• A minor downside is that authentication is needed for all connections, so you always need a GitHub account – even to pull or clone.

• You also need to carefully verify the server's fingerprint when connecting for the first time. Many people skip that and just type "yes", which is insecure.

• (Note: This description is about GitHub. On personal servers, SSH can use passwords, anonymous access, or various other mechanisms.)

Mixing protocols

Globally

You can clone everything over git://, but tell Git to push over HTTPS.

[url "https://github.com/"]
    pushInsteadOf = git://github.com/

Likewise, if you want to clone over git:// or HTTPS, but push over SSH:

[url "git@github.com:"]
    pushInsteadOf = git://github.com/
    pushInsteadOf = https://github.com/

These go to your git config file – sometimes ~/.config/git/config, or ~/.gitconfig, or just run git config --edit --global.

Per-repository

You can also set different pull and push URLs for every remote separately, by changing <code>remote.<i>name</i>.pushUrl</code> in the repository's own .git/config:

[remote "origin"]
    url = git://nullroute.eu.org/~grawity/rwho.git
    pushUrl = ssh://sine/pub/git/rwho.git