[JIRA] (JENKINS-43214) Support for multiple jenkins master with one github application using redirect uri

sungho.moon@navercorp.com (JIRA)

unread,

Mar 30, 2017, 4:36:04 AM3/30/17

to jenkinsc...@googlegroups.com

stephen moon created an issue

Jenkins /

JENKINS-43214

Support for multiple jenkins master with one github application using redirect uri

Issue Type:	Improvement
Assignee:	Sam Gleske
Components:	github-oauth-plugin
Created:	2017/Mar/30 8:35 AM
Environment:	github oauth plugin 0.25 jenkins 2.46.1
Priority:	Minor
Reporter:	stephen moon

Hello.

In my company, we use github enterprise on premise and a lot of jenkins for many department. That is, there are multiple jenkins masters here.

To use github oauth plugin, people have to make their application in github to get their clientId and client secret per jenkins master. But I think it is redundant.

If we can use "redirect urls" of github oauth, we don't need to make that many jenkins applications in github. You can find more information [here|https://developer.github.com/v3/oauth/#redirect-urls.]

To be specific, we can set different redirect uri in each jenkins master for their "finish login url" with same client ID and client secret. Then we just need one github application for the client ID and the client secret.

However, it seems not possible to set redirect uri with github oauth plugin. So I could change it to support multi-master jenkins.

Add Comment

This message was sent by Atlassian JIRA (v7.3.0#73011-sha1:3c73d0e)

fred.vogt@gmail.com (JIRA)

unread,

Sep 8, 2019, 5:41:03 AM9/8/19

to jenkinsc...@googlegroups.com

Fred Vogt commented on

JENKINS-43214

Re: Support for multiple jenkins master with one github application using redirect uri

https://github.com/jenkinsci/github-oauth-plugin/pull/111 Addresses this.

https://developer.github.com/apps/building-oauth-apps/authorizing-oauth-apps/#redirect-urls

Would be nice to get it reviewed and merged.

It appears that the Github OAuth app URL would have to be a virtual host.

Jenkins servers would then pass the redirect URI sub-path.

Example:

 
                                                                Github OAuth App Callback URL:
https://jenkins.example.com/github-oauth

Redirect URL: 
https://jenkins.example.com/github-oauth/<environment>/<instance>/securityRealm/finishLogin

Where the vhost 'jenkins.example.com/github-oauth' using path based routing to proxy the callback to the correct jenkins server:
https://jenkins-<instance>.<environment>.example.com/securityRealm/finishLogin 
                                                            

Add Comment

This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d)

fred.vogt@gmail.com (JIRA)

unread,

Feb 29, 2020, 2:42:03 AM2/29/20

to jenkinsc...@googlegroups.com

Fred Vogt commented on

JENKINS-43214

Re: Support for multiple jenkins master with one github application using redirect uri

Sam Gleske - using a build of 0.34-snapshot with PR-111 merged, conflicts fixed I was able to confirm his changes work as expected.

For compatibility having a constructor overload with the old signature in the GithubSecurityRealm:

 
                                                                new GithubSecurityRealm(githubWebUri, githubApiUri, clientID, clientSecret, oauthScopes,)

new GithubSecurityRealm(githubWebUri, githubApiUri, clientID, clientSecret, oauthScopes, redirectUri)

I commented in the PR how I tested this.

This is great. I've wanted this for a long time. What do we have to do to get this into 0.34 ?

Add Comment

This message was sent by Atlassian Jira (v7.13.12#713012-sha1:6e07c38)

Reply all

Reply to author

Forward