InfoSec812
commented
5 years ago I'm not sure how that would work with Google OAuth. I'd be happy to review a pull request.
Open iakat opened 5 years ago
InfoSec812
commented
5 years ago I'm not sure how that would work with Google OAuth. I'd be happy to review a pull request.
trajano
commented
5 years ago Wouldn't this be a matter of checking the email address being returned in the user profile can confirming it is in the whitelist specified in sonar.auth.googleoauth.limitOauthDomain
InfoSec812
commented
5 years ago @trajano The limitOauthDomain is a setting which is sent as part of the OAuth challenge to Google, so the domain needs to be determined BEFORE the flow begins.
roelandpinch
commented
5 years ago We needed this support as well and changed the code, and we are testing it now. Perhaps this can be useful for you as well @chauffer ? https://github.com/roelandpinch/sonar-auth-google/commit/26258856d9cc90397803a7f7fd5ae80a696a9d71
iakat
commented
5 years ago Thank you very much for the tag @roelandpinch! It will be useful.
InfoSec812
commented
5 years ago @roelandpinch Would you mind submitting a PR and we'll get this integrated?
roelandpinch
commented
5 years ago @InfoSec812 Sure, I have submitted the PR!
ErenPhayte
commented
3 years ago Has this been reviewed yet? Just came across the same issue.
InfoSec812
commented
3 years ago As mentioned in the project README:
This Plugin Is No Longer Maintained
After trying to keep this updated for some time, I have just not been able to with all of my other demands. If anyone would like to take this project over, you are welcome to. As an alternative, you can use oauth2-proxy and HTTP Header Authentication to support ANY OAuth2/OIDC provider.
Hello!
Is there support for multiple oauth domains?
Thanks.