aboutsummaryrefslogtreecommitdiff
path: root/server/auth/github
AgeCommit message (Collapse)Author
2020-04-13SimplifyBen Burwell
2018-08-20Remove authprovider.SessionNiall Sheridan
2017-04-10update dependenciesNiall Sheridan
2017-02-12Initial pass at prometheus support. (#56)Kevin Lyda
2017-02-11Revert "Remove the oauth_callback_url config option"Niall Sheridan
2017-02-09Remove the oauth_callback_url config optionNiall Sheridan
Infer the redirect url from the request instead
2017-01-16Update authprovider testsNiall Sheridan
2017-01-15Add more context to errorsNiall Sheridan
2016-06-14Update whitelistingNiall Sheridan
Whitelist Google users based on their email address instead of the username part of the email address. Plain gmail (non Google Apps) accounts don't necessarily end in '@gmail.com', and whitelisting on username alone is open to abuse. Skip testing for a Google Apps domain (ui.Hd) if no domain is configured. Principals will still be added as the user part of the email address. For the Github provider, skip checking that the user is a member of an organization is none is configured.
2016-06-14Merge pull request #21 from nsheridan/whitelist_supportMarco Bonetti
Add support for a users whitelist
2016-06-14Add support for a users whitelistMarco Bonetti
2016-06-13Run the linter as part of tests.Niall Sheridan
Fix lint warnings.
2016-06-06Save oauth 'state' identifier in the clientNiall Sheridan
2016-05-28Set expiry time in the github auth packageNiall Sheridan
2016-05-24Don't allow wide-open Google or Github configsPatrick O'Doherty
Fail loudly if either the google_opts domain value or github_opts organization values are not set in the configuration. The lack of these values means that a) in the Google case any @gmail.com address will be allowed b) the Github case any Github user will be allowed. This was previously documented but left as a foot-gun in the code. Future commits will allow for explicit wildcards to be set.
2016-04-23Fix commentsNiall Sheridan
2016-04-22Add github oauth provider.Niall Sheridan