Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Extend GitHub Oauth2 strategy for use with GitHub Enterprise #3568

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Extend GitHub Oauth2 strategy for use with GitHub Enterprise #3568

wants to merge 1 commit into from

Conversation

jabellard
Copy link

@jabellard jabellard commented Nov 20, 2023
edited

Description

The GitHub Oauth2 SSO strategy is built on top of the passport-github2 package. That package, by default, is configured to use public GitHub as the identity provider:
Authorization URL Setting
Token URL Setting
User Profile URL Setting
User Email URL Setting

Those defaults can be overridden so that an instance of GitHub Enterprise can be used as the identity provider.
The purpose of this PR is to enable that by setting the following environment variables:

  • GITHUB_AUTHORIZATION_URL: Authorization endpoint.
  • GITHUB_TOKEN_URL: Endpoint to retrieve access token.
  • GITHUB_USER_PROFILE_URL: Endpoint to retrieve general user info (e.g., full name).
  • GITHUB_USER_EMAIL_URL: Endpoint to retrieve user emails.

Sample configuration:

# New configuration settings================================================
GITHUB_AUTHORIZATION_URL=https://{{ENTERPRISE_INSTANCE_HOST_NAME}}/login/oauth/authorize
GITHUB_TOKEN_URL=https://{{ENTERPRISE_INSTANCE_HOST_NAME}}/login/oauth/access_token
GITHUB_USER_PROFILE_URL=https:/{{ENTERPRISE_INSTANCE_HOST_NAME}}/api/v3/user
GITHUB_USER_EMAIL_URL=https://{{ENTERPRISE_INSTANCE_HOST_NAME}}/api/v3/user/emails

# Configuration settings that remain unchanged in meaning============================= 
GITHUB_CLIENT_ID=*****************************************
GITHUB_CLIENT_SECRET=*****************************************
GITHUB_CALLBACK_URL=http://localhost:3170/v1/auth/github/callback
GITHUB_SCOPE="user:email"

The changes introduced in this PR are completed backwards compatible. As such, if if the intent is to use public GitHub as the identity provider, nothing changes. However, to use an instance of GitHub Enterprise as the identity provider, the environment variables outlined above must be set appropriately.

Checks

  • My pull request adheres to the code style of this project
  • All the tests have passed

@jabellard jabellard mentioned this pull request Nov 20, 2023
Open
@jabellard jabellard changed the title Extend Github Oauth2 Strategy for use with Github Enterprise Extend GitHub Oauth2 strategy for use with GitHub Enterprise Nov 20, 2023
@jabellard jabellard marked this pull request as ready for review November 20, 2023 04:10
@liyasthomas liyasthomas self-assigned this Nov 20, 2023
@r-brown
Copy link

r-brown commented Mar 20, 2024

Any progress here? May we expect this PR merged anytime soon?

@alastair-drong-wd
Copy link

Any progress here? May we expect this PR merged anytime soon?

See here, @r-brown, but the tl;dr is that they're rolling out an overlapping feature for Enterprise users, so they don't want it in the community version.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ankitsridhar16 ankitsridhar16 Awaiting requested review from ankitsridhar16 ankitsridhar16 is a code owner

@balub balub Awaiting requested review from balub balub is a code owner

At least 2 approving reviews are required to merge this pull request.

Assignees

@liyasthomas liyasthomas

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@jabellard @r-brown @alastair-drong-wd @liyasthomas