Looking for an example using GitHub as authorisation server #9
Comments
|
The documentation is not good for gin |
|
From what i can understand of the oauth protocol this has nothing or little to do with gin and more to do with how. In my current early version of using gin-server, i am using the AS also for authentication in cases where the grant_type authorization_code is used. When the user is not authenticated (the AS keeps a temp session cookie to know that) user is redirected to the ASs internal login page. After login the user is redirected back to the previous url before being redirected to the login page. To use github you would need to make a github application with a redirect url that points back to your AS, then have that endpoint in your AS write the proper the user id into the encrypted session cookie and then redirect back from where the user was originally redirect to github (which in most cases would be the authorisation endpoint). There, i fixed your problem ;) Certain details left out, for ex that the redirect url would need to read a code and ask for a token in the AS in github (if authorization_code is used with github) |
After reading the README of this repo, it is not clear to me what it takes to use this library together with an external authorisation server; in my case it must be GitHub.
What it looks to me is that the example provided uses the Go/Gin back-end on which this library runs as both OAuth authorisation server and resource server.
Question is: where should I put the specific GitHub URL's so that my resource server asks GitHub to:
In some other implementations (e.g. http://www.passportjs.org/) there is some "strategy" that must be provided so that the authorisation server is at GitHub, Google or similar.
Thank you for your attention.
The text was updated successfully, but these errors were encountered: