Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

GitHub auth #95

Merged
merged 5 commits into from
Mar 28, 2022
Merged

GitHub auth #95

merged 5 commits into from
Mar 28, 2022

Conversation

jay-dee7
Copy link
Member

@jay-dee7 jay-dee7 commented Feb 11, 2022
edited
Loading

Description

🔥 Login With Github Support

We can now let users login into OpenRegistry using Github.
Web login is working fine now but when we sign user up using Github (first time login), then it's impossible to login to docker cli. We've broken that functionality with this PR but it's being worked on using #99

@jay-dee7 jay-dee7 self-assigned this Feb 11, 2022
@gitguardian
Copy link

gitguardian bot commented Feb 11, 2022
edited
Loading

️✅ There are no secrets present in this pull request anymore.

If these secrets were true positive and are still valid, we highly recommend you to revoke them.
Once a secret has been leaked into a git repository, you should consider it compromised, even if it was deleted immediately.
Find here more information about risks.

🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.

Our GitHub checks need improvements? Share your feedbacks!

@jay-dee7 jay-dee7 force-pushed the github-auth branch 5 times, most recently from dcf6845 to dd16d89 Compare February 16, 2022 05:46
Sanyambansal76
Sanyambansal76 reviewed Feb 16, 2022
View reviewed changes
auth/auth.go Outdated Show resolved Hide resolved
@jay-dee7 jay-dee7 added the P1 P1 label is used for this that we see of highest priority. Critical bugs, security issues, etc label Feb 17, 2022
@jay-dee7 jay-dee7 marked this pull request as ready for review March 27, 2022 21:14
@jay-dee7 jay-dee7 added the enhancement New feature or request label Mar 27, 2022
guacamole
guacamole reviewed Mar 28, 2022
View reviewed changes
auth/github.go Outdated Show resolved Hide resolved
guacamole
guacamole reviewed Mar 28, 2022
View reviewed changes
store/postgres/auto.go Outdated Show resolved Hide resolved
@jay-dee7
Security: Removed user-controlled redirect URL
2bf52fc 
Github CodeQL detected a medium level security vulerability in this run: https://github.com/containerish/OpenRegistry/runs/5711928771
In GithubCallbackHandler, we receive a "path" query param, which we use
to redirect user back to our web interface. We anyway provide webui
redirect url via config so it's better to stick to that.

Signed-off-by: jay-dee7 <[email protected]>
guacamole
guacamole approved these changes Mar 28, 2022
View reviewed changes
Copy link
Member

@guacamole guacamole left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Awesome work!!! 🥇

@guacamole guacamole merged commit 0f33893 into master Mar 28, 2022
@guacamole guacamole deleted the github-auth branch March 28, 2022 12:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Sanyambansal76 Sanyambansal76 Sanyambansal76 left review comments

@guacamole guacamole guacamole approved these changes

Assignees

@jay-dee7 jay-dee7

Labels
enhancement New feature or request P1 P1 label is used for this that we see of highest priority. Critical bugs, security issues, etc
Projects
Containerish Road Map 2023-24
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@jay-dee7 @Sanyambansal76 @guacamole