Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Extend GitHub OAuth to Support GitHub Enterprise #1484

Open
devangtomar opened this issue Oct 25, 2024 · 0 comments
Open

Extend GitHub OAuth to Support GitHub Enterprise #1484

devangtomar opened this issue Oct 25, 2024 · 0 comments
Labels
enhancement New feature or request needs-triage

Comments

@devangtomar
Copy link

devangtomar commented Oct 25, 2024

  1. Is your feature request related to a problem? Please describe.

    Currently, the GithubOAuthProvider in the Chainlit repository only supports the standard GitHub URL for authorization and token retrieval. This limitation prevents users from utilizing custom GitHub instances, which require a different base URL for OAuth operations.

  2. Describe the solution you'd like

    I propose extending the GithubOAuthProvider class to support custom GitHub URLs by allowing the URL to be specified as an environment variable, similar to how OAUTH_GITHUB_CLIENT_ID and OAUTH_GITHUB_CLIENT_SECRET are handled. This change would involve modifying the oauth_providers.py file to include a new environment variables, OAUTH_GITHUB_CUSTOM_URL and OAUTH_GITHUB_CUSTOM_API_URL, and updating the authorization and token URLs accordingly.

    Here is the code that needs to be changed in oauth_providers.py:

    class GithubOAuthProvider(OAuthProvider):
        id = "github"
        env = ["OAUTH_GITHUB_CLIENT_ID", "OAUTH_GITHUB_CLIENT_SECRET", "OAUTH_GITHUB_URL"]
        authorize_url = os.environ.get("OAUTH_GITHUB_URL", "https://github.com") + "/login/oauth/authorize"
    
        def __init__(self):
            self.client_id = os.environ.get("OAUTH_GITHUB_CLIENT_ID")
            self.client_secret = os.environ.get("OAUTH_GITHUB_CLIENT_SECRET")
            self.authorize_params = {
                "scope": "user:email",
            }
    
            if prompt := self.get_prompt():
                self.authorize_params["prompt"] = prompt
    
        async def get_token(self, code: str, url: str):
            base_url = os.environ.get("OAUTH_GITHUB_URL", "https://github.com")
            payload = {
                "client_id": self.client_id,
                "client_secret": self.client_secret,
                "code": code,
            }
            async with httpx.AsyncClient() as client:
                response = await client.post(
                    f"{base_url}/login/oauth/access_token",
                    data=payload,
                )
                response.raise_for_status()
                content = urllib.parse.parse_qs(response.text)
                token = content.get("access_token", [""])[0]
                if not token:
                    raise HTTPException(
                        status_code=400, detail="Failed to get the access token"
                    )
                return token
    
        async def get_user_info(self, token: str):
            base_url = os.environ.get("OAUTH_GITHUB_URL", "https://api.github.com")
            async with httpx.AsyncClient() as client:
                user_response = await client.get(
                    f"{base_url}/user",
                    headers={"Authorization": f"token {token}"},
                )
                user_response.raise_for_status()
                github_user = user_response.json()
    
                emails_response = await client.get(
                    f"{base_url}/user/emails",
                    headers={"Authorization": f"token {token}"},
                )
                emails_response.raise_for_status()
                emails = emails_response.json()
    
                github_user.update({"emails": emails})
                user = User(
                    identifier=github_user["login"],
                    metadata={"image": github_user["avatar_url"], "provider": "github"},
                )
                return (github_user, user)```

Describe alternatives you've considered

An alternative could be to manually modify the URLs in the code for each custom GitHub instance, but this approach is not scalable or user-friendly.

Additional context

By implementing this change, users will be able to configure the OAuth provider to work with their GitHub instances by setting the OAUTH_GITHUB_CUSTOM_URL and OAUTH_GITHUB_CUSTOM_API_URL environment variables.

@dosubot dosubot bot added the enhancement New feature or request label Oct 25, 2024
@devangtomar devangtomar changed the title Extend GitHub OAuth to Support Custom GitHub URL Extend GitHub OAuth to Support GitHub Enterprise Oct 26, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request needs-triage
Projects
None yet
Development

No branches or pull requests

1 participant