Skip to main content

Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

  •  
     
    story #8631 delegate authentication to Github and link an existing account
Actions
Summary
tuleap user
delegate authentication to Github and link an existing account
Empty

Scenario:

  • When someone goes on login page, there is a "Login with Github" button.
  • When user click it, she is redirected to github to authorization
  • If user grant access, she is redirected to Tuleap server
    • If user never associated her github account to Tuleap account, she's asked to authenticate on Tuleap using login & password. Once the Tuleap authentication succeed the 2 accounts are associated.
    • If Github identifier is already known (previous bullet) user is automatically authenticated & redirected to the page she supposed to see (return to original page)
  • If user doesn't grant access, she is redirected to Tuleap server, Tuleap server display an error and propose standard login.
  • User should see his associations in account prefrences + unlink

In this step, there is not yet:

  • possibility to create an account
  • possibility to use a provider different of Github

Technical notes:

  • Technically speaking, the GH information is stored in DB but "hardcoded" (it means that an admin that want to deploy the plugin at this time will have to insert stuff directly in DB)
  • If LDAP is activated, there is no openid connect
  • One user can pair several providers to one account
Empty
Thomas Gerbet (tgerbet)
Status
Empty
Done
Development
  • [ ] Does it involves User Interface? 
  • [ ] Are there any mockups?
  • [ ] Are permissions checked?
  • [ ] Does it need Javascript development?
  • [ ] Does it need a forge upgrade bucket?
  • [ ] Does it need to execute things in system events?
  • [ ] Does it impact project creation (templates)?
  • [ ] Is it exploratory?
Empty
Details
#8631
Manuel Vacelet (vaceletm)
2016-02-23 09:42
2015-11-27 11:00
4682

References
Artifact links
Empty
Referencing story #8631

Artifact Tracker v5

epic #8629 OAuth2 & OpenId Connect
rel #8811 8.12
story #8632 create an account after openid connect auth
story #9411 authenticate with GitHub

Git commit

tuleap/tuleap/stable

story #8631: Delegate authentication to GitHub through OpenID Connect 21006c5218
User avatar Thomas Gerbet (tgerbet) , 2016-02-09 09:09
Merge commit 'refs/changes/78/5078/3' of ssh://gerrit.tuleap.net:29418/tuleap into tuleap-stable-master 972bed998f
User avatar Manuel Vacelet (vaceletm) , 2016-02-12 10:43
story #8631: Clean up the library loading and keep information about which provider is used 019faf357c
User avatar Thomas Gerbet (tgerbet) , 2016-02-11 15:50
Merge commit 'refs/changes/87/5087/9' of ssh://gerrit.tuleap.net:29418/tuleap into tuleap-stable-master 300bff0e2d
User avatar Manuel Vacelet (vaceletm) , 2016-02-15 11:04
story #8631: Add login buttons on the login page df921b7cab
User avatar Thomas Gerbet (tgerbet) , 2016-02-15 10:46
Merge commit 'refs/changes/95/5095/4' of ssh://gerrit.tuleap.net:29418/tuleap into tuleap-stable-master 218445f95e
User avatar Manuel Vacelet (vaceletm) , 2016-02-16 15:49
story #8631: A user can link an existing Tuleap account to an OpenID Provider 553895094c
User avatar Thomas Gerbet (tgerbet) , 2016-02-16 15:03
Merge commit 'refs/changes/93/5093/4' of ssh://gerrit.tuleap.net:29418/tuleap into tuleap-stable-master 1c9365db80
User avatar Manuel Vacelet (vaceletm) , 2016-02-17 16:41
story #8631: Add a warning message when the plugin is not accessed with HTTPS 50d233c528
User avatar Thomas Gerbet (tgerbet) , 2016-02-17 15:42
Merge commit 'refs/changes/06/5106/6' of ssh://gerrit.tuleap.net:29418/tuleap into tuleap-stable-master 3e5664e67c
User avatar Manuel Vacelet (vaceletm) , 2016-02-22 13:30
story #8631: Add the possibility to remove a link between a user account and an OpenID Connect provider 542a53b8ce
User avatar Thomas Gerbet (tgerbet) , 2016-02-22 11:02
Referenced by story #8631

Other

gerrit #5060
Display settings

Follow-ups

User avatar
Manuel Vacelet (vaceletm)2016-02-16 14:26
  • Acceptance criteria
    Something went wrong, the follow up content couldn't be loaded
    Only formatting have been changed, you should switch to markup to see the changes
User avatar
Thomas Gerbet (tgerbet)2016-02-04 10:26
  • Status changed from Ready (stalled) to On going
  • CC list set to Thomas Gerbet (tgerbet)
User avatar
Manuel Vacelet (vaceletm)2015-11-27 11:03
  • Acceptance criteria
    Something went wrong, the follow up content couldn't be loaded
    Only formatting have been changed, you should switch to markup to see the changes