Github OAuth using a private email address [renamed]


(Andrew Stroup) #1

I’m setting up OAuth (specifically Github OAuth) and have successfully created a Github app that has generated a Client ID and Secret key.

When I attempt to OAuth into my private discourse server using my Github account, I receive the following response:

I currently have public account registration disabled (how we have to set it up for our use) AND the email address I registered with is one of the emails associated with my Github account (HOWEVER it is not my primary or public github email address).

Has anyone experienced similar issues and found a resolution? Thanks!


(Jeff Atwood) #2

You have disabled all public logins, and you are trying to log in via a public login method…

That would be a problem, as in Discourse, email = identity. So you are trying to sign up with a different, unknown email that has not been allowed.


(Andrew Stroup) #3

Thanks for the quick response @codinghorror. Got it and understood.

I was hoping there was a way to use a listed github email address that isn’t public (since I give access to the Discourse app to my Github account) to login since the email address domain I’m registering with is best not used for public consumption.

Thanks!


(Andrew Stroup) #4

Quick follow up on this @codinghorror. I was doing some digging and it looks like GitHub OAuth allows you to pull the private emails listed within a GitHub account for OAuth purposes, see link below

https://developer.github.com/guides/basics-of-authentication/

The rationale behind this is that the Discourse community I support uses private emails that are also attached to GitHub for collaboration (a little ironic I know) so it’d be awesome for these users to simply OAuth into the Discourse server via GitHub vs a username/password, BUT that requires Discourse’s GitHub OAuth to pull all emails associated with a GitHub account and check against the user list (email addresses) for authentication.

Should this be moved to the feature request section? Thanks!


(Kane York) #5

It will use the email marked as “primary” on Github (it must also be verified).


(Andrew Stroup) #6

Hey @riking thanks for the quick response! You’re totally right, BUT that doesn’t solve my use case (which may be unique in itself).

It’d be awesome to understand what the overhead would be to include using GitHub private email addresses. Thanks!