applications VS node-oauth2-server

Go to this link https://github.com/settings/applications/new

🟡 Development app setup Navigate to GitHub OAuth Apps setup https://github.com/settings/developers Create a New OAuth App https://github.com/settings/applications/new Fill in the following details Application name: Azure ChatGPT DEV Environment Homepage URL: http://localhost:3000 Authorization callback URL: http://localhost:3000/api/auth/callback/github 🟢 Production app setup Navigate to GitHub OAuth Apps setup https://github.com/settings/developers Create a New OAuth App https://github.com/settings/applications/new Fill in the following details Application name: Azure ChatGPT Production Homepage URL: https://YOUR-WEBSITE-NAME.azurewebsites.net Authorization callback URL: https://YOUR-WEBSITE-NAME.azurewebsites.net/api/auth/callback/github ⚠️ After completing app setup, ensure your environment variables locally and on Azure App Service are up to date.

Register a new oauth app on github from here

Maybe that's available for you to do again? You will be able to see which apps have access to your github account when you're logged in at: https://github.com/settings/applications

# https://github.com/omniauth/omniauth # https://github.com/settings/applications/new # echo > config/initializers/omniauth.rb # config/initializers/omniauth.rb Rails.application.config.middleware.use OmniAuth::Builder do provider :github, "GITHUB_ID", "GITHUB_SECRET" end

Ouch.

If you're on Github, go to "https://github.com/settings/applications" and you can see, and revoke, any OAuth accesses.

I just discovered that "Improbable" (the game engine backend company) had too much access, obtained because I once signed up to look at their SDK. I revoked that. (They used to be legit, but then they got involved with Yuga Labs, the Bored Ape crypto people, so trusting them is now questionable.)

Now, we need to create a GitHub OAuth app. You can do that from the Github Developer Settings and fill out the information like so:

We can create a GitHub application by navigating to the Settings > Developer settings > OAuth Apps from our profile or simply by clicking here, thus leading us automatically to where we can create the application. From there, we will add the GitHub redirect URL from the Appwrite application to the Authorization callback URL in the application.

Visit the page to register a new app and provide the required details. Application Name: Docusaurus OAuth Example Homepage URL: Whatever heroku open opened in your browser Authorization callback URL: /oauth2/callback

To set up an OAuth app with GitHub, go to Your Profile > Settings > Developer Settings > OAuth Apps > New OAuth App or alternatively, go to this link if you're already logged into GitHub.

NOTE: This project has been forked from oauthjs/node-oauth2-server and is a continuation due to the project appearing to be abandoned. Please see our issue board to talk about next steps and the future of this project.

So aside from that, there's things like oauth-server which does actually allow you to implement an authorization server. So, if you yourself have a database of users that you want third party clients to be able to authenticate against, you can create your own identity server and implement the various flows.... or maybe you have umpteen systems all with their own auth schemes and you want to standardize it - oauth can be used to centralize this authorization.

It's important to know that this far, although you can perfectly build your OAuth2 server from scratch using frameworks, such as the node-oauth2-server, we'll make use of GitHub's capabilities for the sake of simplicity.

you could take a look at https://github.com/oauthjs/node-oauth2-server (you have to do stuff yourself anyways)