claudioc / jingo

Node.js based Wiki
MIT License

Github authentication /auth/done results in forbidden response. #177

Closed starsheriff closed 7 years ago

starsheriff commented 7 years ago

I tried to set up authentication with GitHub. As far as I can tell, the authentication works until I am sent to /auth/done, where I get a 403 Forbidden response.

From the logs:

::1 - - [21/Oct/2016:14:17:16 +0000] "GET /auth/github/callback?code=223dd7314085e2ba0885 HTTP/1.1" 302 64 "http://localhost:6067/login" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:49.0) Gecko/20100101 Firefox/49.0"
::1 - - [21/Oct/2016:14:17:16 +0000] "GET /auth/done HTTP/1.1" 403 - "http://localhost:6067/login" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:49.0) Gecko/20100101 Firefox/49.0"

I can provide more information if needed.

claudioc commented 7 years ago

The reason is that GitHub (sometimes?) doesn't return the user email, and Jingo needs to be instructed to deal with this case. From the README:

emptyEmailMatches allows access when remote authentication providers do not provide an email address as part of user data. It defaults to false, but will usually need to be set to true for GitHub authentication (GitHub only returns email addresses that have been made public on users' GitHub accounts).

starsheriff commented 7 years ago

Thank you, that resolved the issue. I would not have found that solution on my own, I guess. May I suggest updating the documentation a little bit to highlight this? One sentence in the GitHub OAuth section would suffice and would probably help others as well.

claudioc commented 7 years ago

I've updated the README with a more explicit warning :)
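
The behaviour discussed in the thread above, as an added example that is not part of the original thread and not Jingo's own code: a small JavaScript model of the authorization decision, run over constructed profiles. The function names, the profile shape and the way `validMatches` and `emptyEmailMatches` interact here are assumptions; only the two option names come from the README quote.

```javascript
'use strict'

// Hypothetical model of the decision taken at /auth/done; NOT Jingo's source.
// `validMatches` and `emptyEmailMatches` are the option names quoted from the README.
function isAuthorized (profile, authorization) {
  const emails = (profile.emails || []).map(e => e.value).filter(Boolean)
  if (emails.length === 0) {
    // The provider returned no address, so the regex has nothing to test:
    // the outcome is decided by emptyEmailMatches alone.
    return { allowed: authorization.emptyEmailMatches === true, reason: 'no-email' }
  }
  const pattern = new RegExp(authorization.validMatches)
  const allowed = emails.some(e => pattern.test(e))
  return { allowed, reason: allowed ? 'email-match' : 'email-mismatch' }
}

// Constructed sample profiles (assumed shape: { username, emails: [{ value }] }).
const profiles = [
  { username: 'staff-public', emails: [{ value: 'alice@example.org' }] },
  { username: 'staff-private', emails: [] },
  { username: 'outsider-public', emails: [{ value: 'bob@elsewhere.test' }] },
  { username: 'outsider-private' }
]

// Evaluate every sample profile against one authorization configuration.
function audit (authorization) {
  return profiles.map(p => ({ user: p.username, ...isAuthorized(p, authorization) }))
}

// The default (false) and the setting suggested in the thread (true),
// both with an allow-list regex restricting access to one mail domain.
const strict = { validMatches: '@example\\.org$', emptyEmailMatches: false }
const relaxed = { validMatches: '@example\\.org$', emptyEmailMatches: true }

console.table(audit(strict))
console.table(audit(relaxed))
```

In this model, `emptyEmailMatches: false` reproduces the 403 for an account with no public email, while `true` admits every such account regardless of `validMatches`, so the regex only constrains accounts that expose an address.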