Plots2: Create Github OAuth App

@jywarren this needs to be done after #2771 is merged and google works perfectly in production.

Part of #2676

Hi, this looks great. Can you create an "Oauth Login" milestone and add and prioritize things in there? I think it'll be helpful to keep track. Thanks!!!

I have created #2676 as main issue for the milestone OAUTH LOGIN. I have written each and every needy greedy detail of all the linked issues. I hope this will reduce the ambiguity which we are facing nowadays.

:-) awesome!!!

I am done with github provider. Whenever you get time you can make github app.
Thanks

OK, so i should make multiple apps, one for each environment, like localhost:3000, stable, unstable...?

And what env variable name should I use? OAUTH_GITHUB_APP_KEY and OAUTH_GITHUB_APP_SECRET?

Yeah.

Are the localhost ones really necessary? Could people build those themselves?

The others are done and installed on Jenkins and production though!

localhost ones can be made by developers.

The others are done and installed on Jenkins and production though!

Have you completed the github developer apps settings?

But the feature will not be present in localhost. Developers will not be able to login and logout via providers

Yes i think so!

No they are not.
@jywarren this is Github issue. I think you are talking about #2892.

The link stable.publiclab.org/auth/github is not functional

Can we first finish up #2892 and then jump into this?

No, i just set it all up for GitHub going through the steps above. But I haven't pushed to stable since this morning; i can now.

Ok. Let's push there and see.

Hurray

It is working fine on stable

@jywarren I guess you wrote your name instead of Public lab.
Github asks to sign in jywarren instead of public lab.
Can you please change that?
Thanks

Great. Now the text is stable.publiclab.org

OK pushed! testing

it works!

Ah oops!

how about now?

stable working fine
unstable bad gateway error
pl.org not functional

It's not published to production yet -- and not to unstable, but you can push it there!

publishing to production now

Pushed to unstable
Testing now

Unstable shows 502 Bad Gateway

We are done with unstable
Thanks @jywarren

We are done with PL.org
Thanks a lot @jywarren

Now we are back to localhost:3000 and localhost:3001.
What do we need to do for them?
I will suggest that the developer should create their account themselves OR we can make an app for the developer. Here we don't have to do any domain verificationas we did in case of Google. So, this will be pretty simple.

Let's for the time being ask the developer to do it for themselves. I think
that's reasonable -- if we find we need to do a lot more work on them,
maybe we can change our minds. What do you think?

But we can also provide documentation for how to set it up.

yep that's how unstable works. Super!

I think let's try and make at least one developer's app, say GitHub. So that the developers will have an ease with logging in and logging out
We can set up documentation for other providers.
Creating 4 developers app and changing the settings each time the provider changes its setting will be a tough job for you. You already need to change the settings for 3 apps unstable, stable and production if any settings change for an provider.

And
THANKS A LOT for making 3 apps for GitHub provider.

I like this idea! OK -- so, should we openly share the app id then?

and the secret? I have a localhost:3000 one ready

Can you check if jenkins development environment variables can work?
If they can work then it would be best.

I mean set up the environment variables for development too as you set up for production. Then we can test.

Oh, but we run Jenkins builds in production environment. Ah, you mean temporarily replace them and test it out? Sure, i can do that tomorrow morning. But how would we help people use them locally?

and the secret?

Sorry you cannot send your app_secret to anyone. I sent you because I can trust you. And I will delete the app in a week or two when we will finish up with Google completely. But you cannot trust on the new developers

I was refering to the way you wrote in https://github.com/publiclab/plots2/pull/2855#issuecomment-398864238

That's fine, i just am not sure for whom we are setting up the developer app... are we just testing that it works at all? If we're not distributing a secret key, folks won't be able to try it locally. Sorry if I'm missing something really obvious here!

for whom we are setting up the developer app... are we just testing that it works at all?

For the future developers maybe after 3-4 years who will need to change the authentication system for its improvement. I am concerned about future.

Secondly, the developers will be able to log in and log out via localhost:3000 via providers. Otherwise when new developers will try to login via provider they will get errors and they will report them as issues on public lab.

If we're not distributing a secret key, folks won't be able to try it locally.

They can try it on localhost only if they make their own developer's app. Else they will get errors. I am concerned about those errors.

Errors like missing client_id etc. when they will try to log in via provider.

The existing login system (username and password) will work on the localhost too for them.

Ah, so you would just like to debug the errors one gets when doing this
from localhost?

On Tue, Jun 26, 2018 at 7:55 PM Sidharth Bansal notifications@github.com
wrote:

Errors like missing client_id etc. when they will try to log in via
provider.

The existing login system will work on the localhost too for them.

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
https://github.com/publiclab/plots2/issues/2856#issuecomment-400499091,
or mute the thread
https://github.com/notifications/unsubscribe-auth/AABfJ1ybdTZ6oDlEqQdOJ0XlXwa8slR_ks5uAsnpgaJpZM4UtlK7
.

Yes.

One way is to use <% if Rails.env == "production"%> for the views. This will not let the developers sign in via provider until they go to localhost:xxxx/auth/:provider. And write documentation for setting up app.
What do you say?