i created a webhoo on bitbucket, and want to make it secure with a secret token (or any other method). The manual describes how to use a secret token for securing a webhook:
https://developer.github.com/webhooks/securing/#setting-your-secret-token
But when i create a new webhook there is no field or secret box as described in the manual. Is the manual wrong or outdated? Or do i miss something?
Thanks!
Thanks to jk622:
Your documentation is for github, not bitbucket. As of 15-Jul-2020, this feature has not been implemented.
Related
I used jira python api to login and change the state of jira issue, or do other things. I want to know is there a token based approach that user will not have to enter password again and again !
There is no "Python" API in Jira, there is a REST API you can call from any language. If you use a library like "jira-python" you can read the docs here regarding authentication.
If you use Jira on-premise check this documentation page regarding authentication, you can use the cookie-based authentication.
If you use Jira cloud check this documentation page regarding authentication with tokens.
I enabled OAuth 2.0 with github now everyone who has github and not in my organization unit can login to spinnaker
How do I restrict this ?
Spinnaker 1.5.2
Clouddriver 1.0.2-20171221211744 (2017-12-21
I don't think this is possible in the current Spinnaker release. I recently saw on the Spinnaker Slack channel that there is a PR to fix this that has been merged, so it should get released soon(just not sure when).
I would recommend joining the Spinnaker Slack channel as it is pretty active, and can help you stay current on what is being worked on.
Also try posting to community.spinnaker.io
I am trying out AWS API Gateway, and it's very easy to import/export API definition from Swagger.
However, I've set my API to require AWS_IAM authorization so it's not public. But I cannot find how to make it work with Swagger UI. It seems Swagger UI only takes API Key, instead of IAM user's Access Key and Secret for Sigv4 signing.
Does anyone know is there a way to configure Swagger UI to take in Access Key/Secret, and sign the request for AWS_IAM auth?
Any direction would be appreciated.
Thanks,
Swagger UI OOTB does not support AWS_IAM auth, however, there you can still accomplish Sigv4 Signing. How to calculate AWS signature V4 in Swagger before request gives two good examples on how to accomplish this.
I used the second example, in conjunction with the author's blog post to test with multiple user Access Key/Secrets. The blog post also goes into more detail on using the AWS JS SDK for this purpose.
We have a legacy Identity Provider which only supports two authentication mechanisms:
Oauth 1.0.
A custom service I can call with a user and password and
obtain a session token which then has to be placed in a custom
header of every other call to the IdP —to get user info and such.
I’d like to know whether there’s any plugin that will allow configuring Jenkins to delegate authentication to such an IdP through either mechanism. I'm starting to look at the Oauth Credentials Plugin, but it doesn't look like it'll do the trick.
By itself, this library has no user visible changes, it is intended only to surface new extension points on top of which OAuth providers may surface their own OAuth2Credentials implementations.
If not, then what are my options here? I’m thinking of writing a plugin to implement one of these. Is there a good guide I can use? Or an existing plugin I should extend?
As it turns out —and just in case anyone else is wondering how to do this— the Oauth Credentials Plugin is not for delegating Jenkins authentication to an Oauth Identity Provider. It's for creating Jenkins credentials which can then be used by jobs.
At this point in time, there's no plugin which will allow you to delegate Jenkins authentication to an identity providier exposing the deprecated Oauth 1.0 spec. You'll have to implement your own. The right way to do this is to extend this class:
hudson.security.SecurityRealm
I started doing this by following the examples set by Github's and Google's Oauth 2.0 plugins. But these both take very different approaches to the same problem — which filled my head with questions. So I did some more research and found this nice article which explains the basics and also points to a bare bones security realm example of how to do this. It helped me a lot. I hope it'll help others as well.
I'm trying to create an oauth2 token for an organization. This seems to be impossible (or at least I'm not finding it). This will be used for various one of scripts (non-web use). This is also for an enterprise github (github.company.com/api/v3 vs api.github.com).
I created one under my user like this:
curl -u 'username:password' -d '{"scopes":["scripts!"],"note":"test?"}' https://github.company.com/api/v3/authorizations
and that worked as expected. What I can't figure out is the magical way to do this under an organization since an organization doesn't have basic auth credientals. I haven't been able to find any documentation that tells me how to give something a client id/secret and get an oauth token out of it, which seems like the thing I would want to do.
If anyone could help that would be much appreciated.
At the moment of this writting this is not supported
You can't create a token for the org directly, but if you have a dev account that has full access to the org, you can do this (sort of), just in a round about way.
Create the oauth token for that dev account.
When registering the token with a 3rd party (e.g. Confluence, Jira, etc...) you can specify the org as the "Team"/"Owner".
This will use the dev accounts credentials but only grant access to things under the org (not full access to the dev account's repos, etc...).
I came across your question when trying to link a github org account with my company's Jira account, so figured I'd share.
Hope that helps.
I'm pretty sure that's not possible currently. As you say -- the organization itself doesn't have any credentials associated with it. So, the only way to do it is to do it yourself, as a developer, with your credentials.
This might be a cool feature request to send to the GitHub folks.
Update: this setting is now under
Developer settings > OAuth Applications