Mantis Bugtracker 

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0008214TestLinkAuthenticationpublic2018-02-26 21:052019-02-03 22:24
Assigned Tofman 
PrioritynormalSeverityfeature requestReproducibilityN/A
PlatformOSOS Version
Product Version1.9.16 (2016 Q4) 
Fixed in Version 
Summary0008214: GitHub OAuth 2.0
DescriptionGitHub OAuth 2.0
TagsNo tags attached.
Database (MySQL,Postgres,etc)N/A
PHP Version
QA Team - Task Workflow StatusTBD
Attached Files

- Relationships
related to 0008093assignedfman Google OAuth 2.0 

-  Notes
fman (administrator)
2018-02-27 22:12

First version based on user contribution, is ready to test.

changes to testlink classes to allow search user by email.
email is sent back by GitHub.

add a new user attribute: oauthid than can contains the attribute to search for existent user.
This way I can have my work email on email attribute and my gmail mail on oauthid.
fman (administrator)
2019-02-03 22:08
edited on: 2019-02-03 22:08

From [^]
About OAuth Apps
OAuth2 is a protocol that lets external applications request authorization to private details in a user's 
GitHub account without accessing their password. This is preferred over Basic Authentication because 
tokens can be limited to specific types of data and can be revoked by users at any time.

An OAuth App uses GitHub as an identity provider to authenticate as the user who grants access to the 
app. This means when a user grants an OAuth App access, they grant permissions to all repositories they 
have access to in their account, and also to any organizations they belong to that haven't blocked third-party 

Building an OAuth App is a good option if you are creating more complex processes than a simple script 
can handle. Note that OAuth Apps are applications that need to be hosted somewhere.

Keep these ideas in mind when creating OAuth Apps:

An OAuth App should always act as the authenticated GitHub user across all of GitHub (for example, when 
providing user notifications).
An OAuth App can be used as an identity provider by enabling a "Login with GitHub" for the 
authenticated user.
Don't build an OAuth App if you want your application to act on a single repository. With the repo OAuth 
scope, OAuth apps can act on all of the authenticated user's repositories.
Don't build an OAuth App to act as an application for your team or company. OAuth Apps authenticate as 
a single user, so if one person creates an OAuth App for a company to use, and then they leave the company, 
no one else will have access to it.
For more on OAuth Apps, see "Creating an OAuth App" and "Registering your app."

fman (administrator)
2019-02-03 22:14
edited on: 2019-02-03 22:24

Available for tests on GitHub

Client ID

Client Secret

Callback URL - Mandatory [^]

fman (administrator)
2019-02-03 22:23

Redirect URLs

The redirect_uri parameter is optional. If left out, GitHub will redirect users to the callback URL configured 
in the OAuth Application settings. 

If provided, the redirect URL's host and port must exactly match the callback URL. 
The redirect URL's path must reference a subdirectory of the callback URL.

- Issue History
Date Modified Username Field Change
2018-02-26 21:05 fman New Issue
2018-02-26 21:05 fman Status new => assigned
2018-02-26 21:05 fman Assigned To => fman
2018-02-26 21:05 fman Issue generated from: 0008093
2018-02-26 21:05 fman Relationship added related to 0008093
2018-02-26 21:07 fman Category Charts => Authentication
2018-02-27 22:12 fman Note Added: 0027252
2019-02-03 22:08 fman Note Added: 0028501
2019-02-03 22:08 fman Note Edited: 0028501 View Revisions
2019-02-03 22:14 fman Note Added: 0028502
2019-02-03 22:23 fman Note Added: 0028503
2019-02-03 22:24 fman Note Edited: 0028502 View Revisions

Copyright © 2000 - 2020 MantisBT Team
Powered by Mantis Bugtracker