action #67576
closed
[spike:20h] github as authentication provider
Added by okurz over 4 years ago.
Updated over 4 years ago.
Category:
Feature requests
Description
Motivation¶
We only support "OpenID" and "Fake" authentication so far. In #66703 we can see the problem with the high reliance on OpenID. In multiple places we are happy users of what github provides. We should research how feasible it is to support github as authentication provider, same as many other services do.
- Status changed from Workable to In Progress
- Assignee set to livdywan
- Target version changed from Ready to Current Sprint
- OAuth 2.0 which GitHub supports is pretty straightforward. Request a token via GET, get a temporary code and turn that into an access token.
- An application has to be registered. The domain has to match or the login will fail.
- Getting user details like nickname/fullname/email requires gitHub-specific API, although that's just one more GET.
- Mojolicious::Plugin::OAuth2 looks to make OAuth 2.0 easy to implement. Bonus points for supporting various other services by design.
- We could get the
gravatar avatar and use it - this would be a new feature.
My proof of concept actually turned into a working implementation pretty quickly.
On a side note, we could hypothetically use GitHub credentails for needle editing. Although I didn't explore this further.
- We could get the gravatar and use it - this would be a new feature.
We already support gravatar. Isn't that only based on the email?
okurz wrote:
- We could get the gravatar and use it - this would be a new feature.
We already support gravatar. Isn't that only based on the email?
Sorry, I actually meant avatar there. The email is optional if the user chooses to hide it. So using the provided avatar would work better in that case.
- Status changed from In Progress to Feedback
- Status changed from Feedback to Resolved
Also available in: Atom
PDF