prose / gatekeeper

Enables client-side applications to dance OAuth with GitHub.
MIT License

Safety concerns around using Gatekeeper #59

Closed: geordidearns closed this issue 6 years ago

geordidearns commented 6 years ago

Hey!

Have been exploring the options of trying to get around GitHub's OAuth2 authentication and really struggling to find a way, and came across this project.

Are there any security concerns I would need to take into consideration when using the service? I assume an instance can be self-hosted, but I'm pretty new to OAuth and other authentication protocols.

If I could get some advice or help, it would be great.

dereklieu commented 6 years ago

Hey @geordidearns, good question. Gatekeeper is a very simple OAuth handshake API built on Express. I don't know of any Gatekeeper-specific concerns at the moment, but I encourage you to take a look at the codebase, in particular server.js, and let us know what you think.

geordidearns commented 6 years ago

Hey @dereklieu - I ended up going down the server route for the OAuth myself so didn't need Gatekeeper in this instance - thanks for your answer and I'll close this issue now. Thanks for your work on this also! Keep it up 👍