question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

[multiuser] Signup with thin scopes for GitHub.

See original GitHub issue

Is your enhancement related to a problem? Please describe.

Currently, user must accept to give scopes repo,user,write:public_key to Che. IMO, this is too strong (or risky) for entry users who don’t use full functions.

Describe the solution you’d like

The bast is to enable no scope on their signup/login. (read:user, read:email may be safe.)

And Che asks adding more scope permission to the user logged in when it was required.

I guess it can be implemented by calling add_scopes via PATCH /authorizations/:authorization_id provided by GitHub API.

Describe alternatives you’ve considered

Additional context

Issue Analytics

  • State:closed
  • Created 4 years ago
  • Comments:8 (8 by maintainers)

github_iconTop GitHub Comments

1reaction
slemeurcommented, Aug 2, 2019

Downgrading the priority. This is a very good enhancement request which will need to get prioritized - but regarding the other areas that needs hardening, this has a lower impact right now.

0reactions
che-botcommented, Jan 29, 2020

Issues go stale after 180 days of inactivity. lifecycle/stale issues rot after an additional 7 days of inactivity and eventually close.

Mark the issue as fresh with /remove-lifecycle stale in a new comment.

If this issue is safe to close now please do so.

Moderators: Add lifecycle/frozen label to avoid stale mode.

Read more comments on GitHub >

github_iconTop Results From Across the Web

Managing multiple accounts - GitHub Docs
If you contribute with two accounts from one workstation, you can access repositories by using a different protocol and credentials for each account....
Read more >
Scopes for OAuth Apps - GitHub Docs
Scopes let you specify exactly what type of access you need. Scopes limit access for OAuth tokens. They do not grant any additional...
Read more >
Support multi-login and multiple user profiles #21 - GitHub
The user may have multiple accounts for one website, multiple users may be using the same browser to log in to a specific...
Read more >
Multi-User Support · Issue #165 · Kovah/LinkAce - GitHub
LinkAce should support multiple user accounts which then can independently manage their links. Current challenges: There must be at least two roles: admin ......
Read more >
Enable multi-user authorization for AWS · Issue #4761 - GitHub
Yes, It's ready and I tested it's working fine on my side. kubeflow/manifests#908 adds extra component only used by aws. Should be very...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found