Basic Auth instead of webFlow for github authentication? - Githubissues

brijeshshah13 / OpenCI

OpenCI, the ultimate Travis CI client for Android

GNU General Public License v3.0

25 stars 15 forks source link

Basic Auth instead of webFlow for github authentication? #7

Closed maulindesai closed 6 years ago

maulindesai commented 6 years ago

Hi, should we include basic-authentication in OpenCI project. so user need not leave the current application flow.

brijeshshah13 commented 6 years ago

@maulindesai Actually, I don't plan on implementing it because of the following reasons:

First of all we won't be able to use Basic Authentication even if we wanted to because we need to intercept and retrieve the code from the callback url, which will be used to exchange it for the GitHub access_token, which will be in turn used to exchange it for the Travis Public and Private access_tokens.
Second thing, GitHub WebFlow is far more secure than Basic Authentication.

You can pitch in ideas for the UI of the rest of the app :) Also, please close this issue if you find the answer up to the mark.