| I'm noting that Google solves this issue by providing "Projects" which are limited to "No Organization" or a single G-Suite organization. GitHub could solve this on their side by providing OAuth API client credentials which only work for a specific organization. One simple way to implement this feature is to offer a list of "whitelisted domains" as a config option, perhaps just a comma-separated list. After GitHub authentication is successful, check the user's email address against the domain whitelist. That would require that users have provided their email to GitHub and for GitHub to provide the email back to Jenkins. |
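
A sketch of the domain check proposed in the comment above, as an added example that is not code from the comment's author or from the Jenkins plugin. The class, record and method names are hypothetical; it assumes the identity provider reports whether each address is verified, and it assumes an empty list denies everyone rather than disabling the check.

```java
import java.util.*;

public class DomainAllowlist {
    private final Set<String> domains = new HashSet<>();

    // Parse the comma-separated config value, e.g. "example.com, Example.org".
    public DomainAllowlist(String config) {
        for (String d : config.split(",")) {
            String n = d.trim().toLowerCase(Locale.ROOT);
            if (!n.isEmpty()) domains.add(n);
        }
    }

    // Hypothetical record for one address returned after authentication.
    public record Email(String address, boolean verified) {}

    // Exact match on the domain part only. Suffix or substring matching would
    // let "evil-example.com" or "example.com.attacker.test" through.
    public boolean isAllowed(Email e) {
        if (e == null || !e.verified() || e.address() == null) return false;
        String a = e.address().trim();
        int at = a.lastIndexOf('@');
        // Reject a missing local part, a missing domain, or more than one '@'.
        if (at <= 0 || at != a.indexOf('@') || at == a.length() - 1) return false;
        return domains.contains(a.substring(at + 1).toLowerCase(Locale.ROOT));
    }

    // Fail closed: an empty list or a user with no usable email is denied
    // (assumption of this example, not stated in the comment).
    public boolean userAllowed(List<Email> emails) {
        if (domains.isEmpty() || emails == null) return false;
        return emails.stream().anyMatch(this::isAllowed);
    }

    public static void main(String[] args) {
        DomainAllowlist wl = new DomainAllowlist("example.com, Example.org ,");
        // Constructed sample inputs: one accepted user, five rejected ones.
        List<List<Email>> users = List.of(
            List.of(new Email("alice@EXAMPLE.com", true)),
            List.of(new Email("bob@example.com", false)),
            List.of(new Email("carol@evil-example.com", true)),
            List.of(new Email("dave@example.com.attacker.test", true)),
            List.of(new Email("\"x@example.com\"@other.test", true)),
            List.of());
        for (List<Email> u : users) System.out.println(u + " -> " + wl.userAllowed(u));
    }
}
```

Only the first constructed user passes: the others fail on the unverified flag, on a lookalike or suffixed domain, on a second `@`, or on having no email at all.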