Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(oauth-scopes): reduce required scopes to the minimum #119

Merged
merged 13 commits into from
Sep 23, 2023
Merged

fix(oauth-scopes): reduce required scopes to the minimum #119

merged 13 commits into from
Sep 23, 2023

Conversation

Anthony-Jhoiro
Copy link
Contributor

@Anthony-Jhoiro Anthony-Jhoiro commented Aug 4, 2023
edited
Loading

Currently, the Outstatic documentation says to create an Oauth application to manage user authentication.
This is great but GitHub recommends the usage of GitHub application instead which provides Fine Grained access to resources and can limit Outstatic accesses to a single repository (if needed).

Changes :

  • Documentation about GitHub Application added
  • Reduce OAuth scopes to only "read:user" and "repo"

Bug

  • Related issues linked using fixes #number
  • Integration tests added
  • Errors have a helpful link attached, see contributing.md

@vercel
Copy link

vercel bot commented Aug 4, 2023

Someone is attempting to deploy a commit to a Personal Account owned by @avitorio on Vercel.

@avitorio first needs to authorize it.

@vercel
Copy link

vercel bot commented Aug 4, 2023
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
outstatic-canary ✅ Ready (Inspect) Visit Preview 💬 Add feedback Sep 23, 2023 11:29pm
outstatic-dev-blog ✅ Ready (Inspect) Visit Preview 💬 Add feedback Sep 23, 2023 11:29pm
outstatic-web ✅ Ready (Inspect) Visit Preview 💬 Add feedback Sep 23, 2023 11:29pm

@Anthony-Jhoiro Anthony-Jhoiro marked this pull request as ready for review August 5, 2023 12:24
@avitorio
Copy link
Owner

avitorio commented Aug 6, 2023
edited
Loading

Hey @Anthony-Jhoiro,

Thank you for this. I noticed that when I follow the steps it seems we are missing something.
When I log into outstatic, I get asked to authorize the app, and then I'm redirected back to the Dashboard.
But none of the collections/documents are available. Only after I go back to Github and click on Install App:

CleanShot 2023-08-06 at 15 50 29@2x

I get this:

CleanShot 2023-08-06 at 15 51 56@2x

And then I'm able to see the contents of the repository on the Dashboard.
Is there a simpler way to achieve this? I was hoping to get that last screenshot when logging in to Outstatic.

@Anthony-Jhoiro
Copy link
Contributor Author

Thank's for your answer, @avitorio !

Yes, I forgot this part in the documentation; I can add it tomorrow.
You are right, and it would be better! I can try that during the week!

@vercel vercel bot temporarily deployed to Preview – outstatic-web August 29, 2023 15:09 Inactive
@changeset-bot
Copy link

changeset-bot bot commented Sep 23, 2023
edited
Loading

⚠️ No Changeset found

Latest commit: dd2fa79

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@vercel vercel bot temporarily deployed to Preview – outstatic-web September 23, 2023 19:28 Inactive
@avitorio
Copy link
Owner

Hey @Anthony-Jhoiro,
Sorry for the delay in reviewing this. The structure of the project changed to support Next.js 13's app directory and I've updated your PR with the necessary changes.

I've also updated the docs. I believe this is ready to merge. Thank you for your help!

@vercel vercel bot temporarily deployed to Preview – outstatic-web September 23, 2023 20:55 Inactive
@vercel vercel bot temporarily deployed to Preview – outstatic-web September 23, 2023 23:27 Inactive
@avitorio avitorio merged commit 8120cf2 into avitorio:canary Sep 23, 2023
4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@Anthony-Jhoiro @avitorio