Versions Compared

Old Version 26

changes.mady.by.user Former user

Saved on

compared with

New Version Current

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Warning

For latest instructions on how to configuring the Github authenticator, see Github Authenticator Github repository.

This page provides instructions on how to configure the Github authenticator and Identity Server using a sample app. You can find more information in the following sections.

Info

Github Authenticator  is supported by Identity Server versions 5.1.0 upwards.

Table of Contents
maxLevel3
minLevel3

Anchor
Deploying Github artifacts
Deploying Github artifacts
Deploying Github artifacts

  • Download the artifacts for this authenticator from  the store.

  • Place the org.wso2.carbon.identity.authenticator.github-1.0.0.jar file into the <IS_HOME>/repository/components/dropins directory.

    Note

    If you want to upgrade the Githubthe Github Authenticator (.jar) in your existing IS pack, please refer upgrade instructions.

Anchor
Configuring the Github App
Configuring the Github App
Configuring the Github App

  1. Go to https://www.github.com/, and create a github account.
  2. Register your app at  https://github.com/settings/applications/new .
    Image Modified
  3. Use https://localhost:9443/commonauth as the authorization callback URL when you register the client.
  4. Now you can get the clientId and clientSecret of your created app.

Anchor
Deploying travelocity.com sample app
Deploying travelocity.com sample app
Deploying travelocity.com sample app

...

  1. Download the WSO2 Identity Server from here.

  2. Run the WSO2 Identity Server.
  3. Log in to the management console as an administrator.
  4. In the Identity Providers section under the Main tab of the management console, click Add.
  5. Give a suitable name for Identity Provider Name.

  6. Navigate to Github Configuration under Federated Authenticators

  7. Enter the values as given in the above figure.

    • Client Id: Client Id for your app.
    • Client Secret: Client Secret for your app.
    • Scope: Scope of the authorize token. For information on available scopes, see Scopes.
    • Callback URL: Service  Service Provider's URL where code needs to be sent .

  8. Select both checkboxes to Enable the Github authenticator and make it the Default.

    Expand
    titleClick here to see descriptions about configuration property values
    PropertyDescriptionSample Value
    EnableSelecting this option enables github to be used as an authenticator for users provisioned to the Identity Server.Selected
    DefaultSelecting the Default checkbox signifies that github is the main/default form of authentication. This removes the selection made for any other Default checkboxes for other authenticators.Selected
    ClientIDThis is the username from the github application8437ce9b8cfdf282c92b
    Client SecretThis is the password from the github application. Click the Show button to view the value you enter.7219bb5e92f4287cb5134b73760e039e55d235d
    ScopeScope of the authorize token. For information on available scopes, see Scopes.
    Callback URL

    This is the URL to which the browser should be redirected after the authentication is successful. The URL should be specified in the following format:
    https://<HOST_NAME>:<PORT>/acs

    		https://localhost:9443/commonauth

  9. Click Register.

...

  1. Return to the management console.

  2. In the Service Providers section, click Add under the Main tab.

  3. Since you are using travelocity as the sample, enter travelocity.com in the Service Provider Name text box and click Register .

  4. In the Inbound Authentication Configuration section, click Configure under the SAML2 Web SSO Configuration section.

  5. Now set the configuration as follows:

    1. Issuer: travelocity.com

    2. Assertion Consumer URL http://localhost:8080/travelocity.com/home.jsp

  6. Select the following check-boxes:

    1. Enable Response Signing.

    2. Enable Single Logout.

    3. Enable Attribute Profile.

    4. Include Attributes in the Response Always.

  7. Click Update to save the changes. Now you will be sent back to the Service Providers page.

  8. Navigate to the Local and Outbound Authentication Configuration section.

  9. Select the identity provider you created from the drop-down list under Federated Authentication.

  10. Ensure that the Federated Authentication radio button is selected and click Update to save the changes. 

...

  1. To test the sample, go to the following URL: http://<TOMCAT_HOST>:<TOMCAT_PORT>/travelocity.com/index.jsp. E.g., http://localhost:8080/travelocity.com

  2. Login with SAML from SAML from the WSO2 Identity Server.

    Image Modified

  3. Enter your Github credentials in the prompted login page of Github. Once you log in successfully you successfully you will be taken to the home page of the travelocity.com app.