steve-jansen / github-oauth-plugin Goto Github PK
View Code? Open in Web Editor NEWThis project forked from jenkinsci/github-oauth-plugin
jenkins authentication plugin using github oauth as source
License: MIT License
This project forked from jenkinsci/github-oauth-plugin
jenkins authentication plugin using github oauth as source
License: MIT License
The current version of the GitHub OAuth plugin for Jenkins caches the list of GitHub Orgs that the authenticate user belongs to. This could be much more granular if we also included the teams the user belongs to within each org.
For example, a user might belong to the "Acme" org, the "Acme/Owners" team, and the "Acme/SomeCoolProject" team. Including these teams in the Jenkins auth tokens list of "Authorities" (aka roles) would be quite helpful when applying project matrix security.
See
https://github.com/mckinsey/github-oauth-plugin/blob/master/src/main/java/org/jenkinsci/plugins/GithubAuthenticationToken.java#L137 for the code that caches the org names for the current user.
The Jenkins WebUI makes an Ajax call to the URL
/job/<job name>/descriptorByName/hudson.security.AuthorizationMatrixProperty/checkName?value=<URI escaped username or role name>
to load the OK/Not OK status of a username/role name added to the permissions matrix table.
For example, a succesful user lookup returns:
<img src='/static/8d261c2f/images/16x16/person.png' style='margin-right:0.2em'>Steve Jansen`, which looks like this:
An example of an unknown user/group returns:
<img src='/static/8d261c2f/images/16x16/error.png' style='margin-right:0.2em'>Unknown User
The GitHub OAuth plugin' security realm doesn't seem to properly support this feature. We need to add support for this realm check. Relevant lines of code that run the user/group check are found at https://github.com/jenkinsci/jenkins/blob/0d955259d8880e02452f23e422e5272e6ab26153/core/src/main/java/hudson/security/GlobalMatrixAuthorizationStrategy.java#L291
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.