- Notifications
You must be signed in to change notification settings - Fork926
fix: allow orgs with default github provider (cherry-pick #16755)#16784
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.
Already on GitHub?Sign in to your account
Merged
Uh oh!
There was an error while loading.Please reload this page.
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
This PR fixes 2 bugs:## Problem 1The server would fail to start when the default github provider wasconfigured and the flag `--oauth2-github-allowed-orgs` was set. Theerror was```error: configure github oauth2: allow everyone and allowed orgs cannot be used together```This PR fixes it by enabling "allow everone" with the default provideronly if "allowed orgs" isn't set.## Problem 2The default github provider uses the device flow to authorize users, andthat's handled differently by our web UI than the standard oauth flow.In particular, the web UI only handles JSON responses rather than HTTPredirects. There were 2 code paths that returned redirects, and the PRchanges them to return JSON messages instead if the device flow isconfigured.
stirby approved these changesMar 3, 2025
6da3c9d intorelease/2.20 32 checks passed
Uh oh!
There was an error while loading.Please reload this page.
Sign up for freeto subscribe to this conversation on GitHub. Already have an account?Sign in.
Labels
None yet
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Cherry-picked fix: allow orgs with default github provider (#16755)
This PR fixes 2 bugs:
Problem 1
The server would fail to start when the default github provider was
configured and the flag
--oauth2-github-allowed-orgswas set. Theerror was
This PR fixes it by enabling "allow everone" with the default provider
only if "allowed orgs" isn't set.
Problem 2
The default github provider uses the device flow to authorize users, and
that's handled differently by our web UI than the standard oauth flow.
In particular, the web UI only handles JSON responses rather than HTTP
redirects. There were 2 code paths that returned redirects, and the PR
changes them to return JSON messages instead if the device flow is
configured.