ueberauth/ueberauth_github ueberauth/ueberauth_github

  • Stars
    star
    101
  • Rank 326,266 (Top 7 %)
  • Language
    Elixir
  • License
    MIT License
  • Created over 8 years ago
  • Updated 11 months ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
ueberauth/ueberauth_github
github

ueberauth

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

GitHub OAuth2 Strategy for Überauth

Überauth GitHub

Build Status Module Version Hex Docs Total Download License Last Updated

GitHub OAuth2 strategy for Überauth.

Installation

  1. Setup your application at GitHub Developer.

  2. Add :ueberauth_github to your list of dependencies in mix.exs:

    def deps do
  [
    {:ueberauth_github, "~> 0.8"}
  ]
end

  3. Add GitHub to your Überauth configuration:

    config :ueberauth, Ueberauth,
  providers: [
    github: {Ueberauth.Strategy.Github, []}
  ]

  4. Update your provider configuration:

    config :ueberauth, Ueberauth.Strategy.Github.OAuth,
  client_id: System.get_env("GITHUB_CLIENT_ID"),
  client_secret: System.get_env("GITHUB_CLIENT_SECRET")

    Or, to read the client credentials at runtime:

    config :ueberauth, Ueberauth.Strategy.Github.OAuth,
  client_id: {:system, "GITHUB_CLIENT_ID"},
  client_secret: {:system, "GITHUB_CLIENT_SECRET"}

  5. Include the Überauth plug in your router:

    defmodule MyApp.Router do
  use MyApp.Web, :router

  pipeline :browser do
    plug Ueberauth
    ...
   end
end

  6. Create the request and callback routes if you haven't already:

    scope "/auth", MyApp do
  pipe_through :browser

  get "/:provider", AuthController, :request
  get "/:provider/callback", AuthController, :callback
end

  7. Your controller needs to implement callbacks to deal with Ueberauth.Auth and Ueberauth.Failure responses.

For an example implementation see the Überauth Example application.

Calling

Depending on the configured url you can initiate the request through:

/auth/github

Or with options:

/auth/github?scope=user,public_repo

By default the requested scope is "user,public\_repo". This provides both read and write access to the GitHub user profile details and public repos. For a read-only scope, either use "user:email" or an empty scope "". Empty scope will only request minimum public information which even excludes user's email address which results in a nil for email inside returned %Ueberauth.Auth.Info{}. See more at GitHub's OAuth Documentation.

Scope can be configured either explicitly as a scope query value on the request path or in your configuration:

config :ueberauth, Ueberauth,
  providers: [
    github: {Ueberauth.Strategy.Github, [default_scope: "user,public_repo,notifications"]}
  ]

It is also possible to disable the sending of the redirect_uri to GitHub. This is particularly useful when your production application sits behind a proxy that handles SSL connections. In this case, the redirect_uri sent by Ueberauth will start with http instead of https, and if you configured your GitHub OAuth application's callback URL to use HTTPS, GitHub will throw an uri_mismatch error.

To prevent Ueberauth from sending the redirect_uri, you should add the following to your configuration:

config :ueberauth, Ueberauth,
  providers: [
    github: {Ueberauth.Strategy.Github, [send_redirect_uri: false]}
  ]

Private Emails

GitHub now allows you to keep your email address private. If you don't mind that you won't know a users email address you can specify allow_private_emails. This will set the users email as [email protected].

config :ueberauth, Ueberauth,
  providers: [
    github: {Ueberauth.Strategy.Github, [allow_private_emails: true]}
  ]

Copyright and License

Copyright (c) 2015 Daniel Neighman

This library is released under the MIT License. See the LICENSE.md file

More Repositories

1

guardian

Elixir Authentication
Elixir
3,358
star
2

ueberauth

An Elixir Authentication System for Plug-based Web Applications
Elixir
1,560
star
3

oauth2

An Elixir OAuth 2.0 Client Library
Elixir
734
star
4

guardian_db

Guardian DB integration for tracking tokens and ensuring logout cannot be replayed.
Elixir
356
star
5

ueberauth_example

Example Phoenix application using Überauth for authentication
Elixir
215
star
6

ueberauth_google

Google OAuth2 Strategy for Überauth.
Elixir
157
star
7

ueberauth_identity

A username/password Strategy for Überauth
Elixir
79
star
8

ueberauth_facebook

Facebook OAuth2 Strategy for Überauth.
Elixir
74
star
9

guardian_phoenix

A collection of helpers for when using Guardian with Phoenix
Elixir
43
star
10

ueberauth_twitter

Twitter Strategy for Überauth
Elixir
35
star
11

guardian_backdoor

A plug to write faster acceptance tests by skipping the sign-in process. This feature is inspired by Clearance’s backdoor.
Elixir
26
star
12

ueberauth_slack

Slack OAuth2 Strategy for Überauth
Elixir
23
star
13

ueberauth_vk

vk.com OAuth2 Strategy for Überauth.
Elixir
19
star
14

ueberauth_apple

Ueberauth Strategy for Sign In with Apple
Elixir
7
star
15

guardian_paseto

A Guardian.Token implementation for Paseto tokens (https://paseto.io)
Elixir
7
star
16

guardian_jwe

Elixir
6
star
17

guardian_pemfile_config_example

Example of a guardian configuration using a private and public pem file
Elixir
6
star
18

ueberauth_provider

OAuth2 Provider
Elixir
5
star
19

guardian_onetime

A single use token implementation for Guardian
Elixir
1
star