Applications Alternatives

applications reviews and mentions

• Easily Serve Internal Documentation Behind OAuth Authentication
  6 projects | dev.to | 1 Jul 2022

  Visit the page to register a new app and provide the required details. Application Name: Docusaurus OAuth Example Homepage URL: Whatever heroku open opened in your browser Authorization callback URL: /oauth2/callback

• How to use the GitHub rest API with SvelteKit
  2 projects | dev.to | 2 May 2022

  To set up an OAuth app with GitHub, go to Your Profile > Settings > Developer Settings > OAuth Apps > New OAuth App or alternatively, go to this link if you're already logged into GitHub.

• GitHub: Attack campaign involving stolen OAuth user tokens issued to two third-party integrators
  1 project | reddit.com/r/programming | 16 Apr 2022

  They persist until revoked.

• Heroku Security Incident
  3 projects | news.ycombinator.com | 15 Apr 2022

  Tangentially, You can view your oauth linked services here https://github.com/settings/applications

• GitHub Authentication for Kubernetes – a Step-by-Step Guide
  4 projects | dev.to | 15 Apr 2022

  Create a new OAuth app with the following information:

• Nextjs: Oauth and Credentials authentication with NextAuth
  2 projects | dev.to | 21 Mar 2022

  Go to GitHub Developer website and fill the required fields

• OAuth2 in NestJS for Social Login with GitHub (and Google, Facebook, …)
  2 projects | dev.to | 9 Feb 2022

  First you have to register a new OAuth application in GitHub:

• Unsolicited email from CodersRank to Github address.
  1 project | reddit.com/r/github | 20 Jan 2022

  Check if you have authorized CodersRank as an application here, it is likely that you have granted Github permissions to allow CodersRank to read your email address and any other public information.

• Understanding and Implementing OAuth2 In Node.js
  5 projects | dev.to | 16 Dec 2021

  So, let's create a new application by clicking this link. Make sure to fill in all the fields, as shown in the image below:

• Node.js GitHub Authentication using Passport.js and MongoDB
  3 projects | dev.to | 8 Nov 2021

  Before using passport-github2, you must have a Github account and register an application with Github. If you have not done this, You can do that here. Your Homepage URI and Callback URI should match the one in your application. Your application will be issued a Client ID and Client secret, which this strategy needs to work.

• Facebook hacker beat my 2FA, bricked my Oculus, and hit the company credit card
  7 projects | news.ycombinator.com | 20 Aug 2021

  That's an interesting concept.

  Thinking about it for a bit, I'm sadly hesitant that it might need to be built as a browser extension or mobile app, rather than a website, because none of these services provide programmatically-accessible (even read-only) feeds of what you're looking for, so you'd need to scrape everything. This brings up two issues: 1) the headache of IP ratelimiting (and/or flat-out IP bans from trigger-happy systems optimized for fighting fraud/bots hosted on cloud infrastructure). IIUC there are proxy services that you can outsource the workaround problem to, but this is awkward to get behind in the face of 2), which is that users would need to input their actual usernames and passwords so that the service could request the account page with the details on it in order to scrape the data.

  Given that these are broadly web services poked at via HTTPS, you could potentially get everything you needed from a browser extension (as long as the service doesn't require you to set any HTTP headers that extensions aren't allowed to touch).

  The second possibility is using an app. Writing a thin layer that lets you craft custom HTTPS/whatever requests from a WebView would probably be the most straightforward approach.

  The main issue with both the extension and app approaches is that they code-dump both the idea and methodology of "here is how to do X" into the hands of the IQ-99 skiddie group (especially with an extension). So now you have more people running around scraping pages and whatnot and trying to figure out how to weaponize everything. Probably won't go anywhere (in terms of producing actual attacks), but the noise may potentially make your life harder.

  The least-complex solution seems to just be a giant boring list of links, for example:

  - https://myaccount.google.com/permissions

  - https://twitter.com/settings/connected_apps, https://twitter.com/settings/connected_accounts

  - https://github.com/settings/apps/authorizations, https://github.com/settings/applications, https://github.com/settings/installations, https://github.com/settings/apps, https://github.com/settings/developers, https://github.com/settings/tokens

  Hmm, that's kind of all over the place for some things. A single aggregate view that combines everything could definitely be very interesting...

• check50/submit50 unable to authenticate
  1 project | reddit.com/r/cs50 | 31 Mar 2021

  Go to https://github.com/settings/applications and revoke CS50 Submit and CS50.me.

• GitHub Has a Permission Problem
  1 project | news.ycombinator.com | 16 Mar 2021

  Since the author doesn't link to it, here's where you can manage your Authorized OAuth apps (warning, password prompt):

  https://github.com/settings/applications

• Managing local app secrets and sharing secrets with your team
  4 projects | dev.to | 11 Jan 2021

  To create secrets and follow along you will need a GitHub account. Go here https://github.com/settings/applications/new