Skip to content

GitHub auth#95

Merged
guacamole merged 5 commits intomasterfrom
github-auth
Mar 28, 2022
Merged

GitHub auth#95
guacamole merged 5 commits intomasterfrom
github-auth

Conversation

@jay-dee7
Copy link
Member

@jay-dee7 jay-dee7 commented Feb 11, 2022
edited
Loading

Description

🔥 Login With Github Support

We can now let users login into OpenRegistry using Github.
Web login is working fine now but when we sign user up using Github (first time login), then it's impossible to login to docker cli. We've broken that functionality with this PR but it's being worked on using #99

@jay-dee7 jay-dee7 requested a review from guacamole February 11, 2022 19:32
@jay-dee7 jay-dee7 self-assigned this Feb 11, 2022
@gitguardian
Copy link

gitguardian bot commented Feb 11, 2022
edited
Loading

️✅ There are no secrets present in this pull request anymore.

If these secrets were true positive and are still valid, we highly recommend you to revoke them.
Once a secret has been leaked into a git repository, you should consider it compromised, even if it was deleted immediately.
Find here more information about risks.

🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.

Our GitHub checks need improvements? Share your feedbacks!

@jay-dee7 jay-dee7 force-pushed the github-auth branch 5 times, most recently from dcf6845 to dd16d89 Compare February 16, 2022 05:46
Sanyambansal76
Sanyambansal76 reviewed Feb 16, 2022
View reviewed changes
@jay-dee7 jay-dee7 added the P1 P1 label is used for this that we see of highest priority. Critical bugs, security issues, etc label Feb 17, 2022
@jay-dee7 jay-dee7 marked this pull request as ready for review March 27, 2022 21:14
@jay-dee7 jay-dee7 added the enhancement New feature or request label Mar 27, 2022
guacamole
guacamole reviewed Mar 28, 2022
View reviewed changes
guacamole
guacamole reviewed Mar 28, 2022
View reviewed changes
@jay-dee7
Security: Removed user-controlled redirect URL
2bf52fc 
Github CodeQL detected a medium level security vulerability in this run: https://github.com/containerish/OpenRegistry/runs/5711928771
In GithubCallbackHandler, we receive a "path" query param, which we use
to redirect user back to our web interface. We anyway provide webui
redirect url via config so it's better to stick to that.

Signed-off-by: jay-dee7 <[email protected]>
guacamole
guacamole approved these changes Mar 28, 2022
View reviewed changes
Copy link
Member

@guacamole guacamole left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Awesome work!!! 🥇

@guacamole guacamole merged commit 0f33893 into master Mar 28, 2022
@guacamole guacamole deleted the github-auth branch March 28, 2022 12:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@guacamole guacamole guacamole approved these changes

+1 more reviewer

@Sanyambansal76 Sanyambansal76 Sanyambansal76 left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

@jay-dee7 jay-dee7

Labels

enhancement New feature or request P1 P1 label is used for this that we see of highest priority. Critical bugs, security issues, etc

Projects

Containerish Road Map 2023-24
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jay-dee7 @Sanyambansal76 @guacamole