zulip/docs/subsystems/oauth.md
David Rosa Tamsen 7072fa5b37 docs: Reorganize developer docs to improve navigation.
This commit helps reduce clutter on the navigation sidebar.
Creates new directories and moves relevant files into them.
Modifies index.rst, symlinks, and image paths accordingly.

This commit also enables expandable/collapsible navigation items,
renames files in docs/development and docs/production,
modifies /tools/test-documentation so that it overrides a theme setting,
Also updates links to other docs, file paths in the codebase that point
to developer documents, and files that should be excluded from lint tests.

Note that this commit does not update direct links to
zulip.readthedocs.io in the codebase; those will be resolved in an
upcoming follow-up commit (it'll be easier to verify all the links
once this is merged and ReadTheDocs is updated).

Fixes #5265.
2017-11-16 09:45:08 -08:00


Google & GitHub authentication with OAuth 2

Among the many authentication methods we support, a server can be configured to allow users to sign in with their Google accounts or GitHub accounts, using the OAuth protocol.

Testing OAuth in development

Because these authentication methods involve an interaction between Zulip, an external service, and the user's browser, and particularly because browsers can (rightly!) be picky about the identity of sites you interact with, the preferred way to set them up in a development environment is to configure the real Google and GitHub services to process auth requests for your development environment.

The steps to do this are a variation of the steps documented in prod_settings_template.py. Here are the full procedures for dev:

Google

  • Visit https://console.developers.google.com and navigate to "APIs & services" > "Credentials". Create a "Project" which will correspond to your dev environment.

  • Navigate to "APIs & services" > "Library", and find the "Google+ API". Choose "Enable".

  • Return to "Credentials", and select "Create credentials". Choose "OAuth client ID", and follow prompts to create a consent screen, etc. For "Authorized redirect URIs", fill in https://zulipdev.com:9991/accounts/login/google/done/ .

  • You should get a client ID and a client secret. Copy them. In dev_settings.py, set GOOGLE_OAUTH2_CLIENT_ID to the client ID, and in dev-secrets.conf, set google_oauth2_client_secret to the client secret.

  • Uncomment 'zproject.backends.GoogleMobileOauth2Backend' in AUTHENTICATION_BACKENDS in dev_settings.py.

GitHub

  • Register an OAuth2 application with GitHub at one of https://github.com/settings/developers or https://github.com/organizations/ORGNAME/settings/developers. Specify http://zulipdev.com:9991/complete/github/ as the callback URL.

  • You should get a page with settings for your new application, showing a client ID and a client secret. In dev_settings.py, set SOCIAL_AUTH_GITHUB_KEY to the client ID, and in dev-secrets.conf, set social_auth_github_secret to the client secret.

  • Uncomment 'zproject.backends.GitHubAuthBackend' in AUTHENTICATION_BACKENDS in dev_settings.py.
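
A preflight check for the two procedures above, added here as an example and not part of Zulip's codebase: given the text of dev_settings.py and dev-secrets.conf, it reports which steps are still incomplete for a provider, and flags a client secret that was pasted into dev_settings.py instead of dev-secrets.conf. It assumes dev-secrets.conf is an INI file with a [secrets] section; the function name check_dev_oauth and the sample values are constructed for illustration.

```python
import configparser
import re

# provider -> (backend to uncomment, client-ID setting, client-secret key), per the steps above
PROVIDERS = {
    "google": ("zproject.backends.GoogleMobileOauth2Backend",
               "GOOGLE_OAUTH2_CLIENT_ID", "google_oauth2_client_secret"),
    "github": ("zproject.backends.GitHubAuthBackend",
               "SOCIAL_AUTH_GITHUB_KEY", "social_auth_github_secret"),
}

def check_dev_oauth(settings_text, secrets_text, provider):
    """Return a list of problems for one provider (empty list means ready)."""
    backend, id_setting, secret_key = PROVIDERS[provider]
    problems = []
    # Strip comments so a still-commented backend or setting does not count.
    live = "\n".join(line.split("#", 1)[0] for line in settings_text.splitlines())
    if backend not in live:
        problems.append(f"{backend} is not enabled in AUTHENTICATION_BACKENDS")
    m = re.search(rf"^{id_setting}\s*=\s*['\"]([^'\"]*)['\"]", live, re.M)
    if not m or not m.group(1).strip():
        problems.append(f"{id_setting} is not set in dev_settings.py")
    # Assumption: dev-secrets.conf is an INI file with a [secrets] section.
    parser = configparser.RawConfigParser()
    parser.read_string(secrets_text)
    secret = parser.get("secrets", secret_key, fallback="").strip()
    if not secret:
        problems.append(f"{secret_key} is missing from dev-secrets.conf")
    elif secret in live:
        problems.append(f"{secret_key} value also appears in dev_settings.py")
    return problems

# Constructed sample files (placeholder values, not real credentials).
SAMPLE_SETTINGS = """\
AUTHENTICATION_BACKENDS = (
    'zproject.backends.GoogleMobileOauth2Backend',
    # 'zproject.backends.GitHubAuthBackend',
)
GOOGLE_OAUTH2_CLIENT_ID = 'example-client-id.apps.googleusercontent.com'
SOCIAL_AUTH_GITHUB_KEY = 'example-github-client-id'
"""
SAMPLE_SECRETS = """\
[secrets]
google_oauth2_client_secret = example-google-secret
"""

if __name__ == "__main__":
    for name in PROVIDERS:
        print(name, check_dev_oauth(SAMPLE_SETTINGS, SAMPLE_SECRETS, name))
```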