Modify the OAuth scopes to limit to public repositories only

2017-08-01 19:04:38 -07:00 · 2017-08-01 19:04:38 -07:00 · 03ad414bad
parent 894f252167
commit 03ad414bad
2 changed files with 2 additions and 2 deletions
--- a/init.groovy.d/setup-github-oauth.groovy
+++ b/init.groovy.d/setup-github-oauth.groovy
@ -33,7 +33,7 @@ def realm = new GithubSecurityRealm('https://github.com',           /* GitHub we
                                    'https://api.github.com',       /* GitHub API URI */
                                    System.env.get('CLIENT_ID') ?: 'f19661554c93f3b11cfe',         /* OAuth Client ID */
                                    System.env.get('CLIENT_SECRET') ?: '0672e14addb9f41dec11b5da1219017edfc82a58',/* OAuth Client Secret */
-                                    'read:org,user:email'           /* OAuth permission scopes */
+                                    'read:public_repo,user:email'           /* OAuth permission scopes */
                                    )
 Jenkins.instance.authorizationStrategy = authorization
 Jenkins.instance.securityRealm = realm
--- a/webapp/app.rb
+++ b/webapp/app.rb
@ -28,7 +28,7 @@ module CodeValet
      config.failure_app = AuthFailre
      config.default_strategies :github
      config.scope_defaults :default, :config => {
-        :scope            => 'read:org,user:email',
+        :scope            => 'read:public_repo,user:email',
        :client_id        => ENV['GITHUB_CLIENT_ID'] || 'a6f2001b9e6c3fabf85c',
        :client_secret    => (ENV['GITHUB_CLIENT_SECRET'] || '0672e14addb9f41dec11b5da1219017edfc82a58').chomp,
        :redirect_uri     => ENV['REDIRECT_URI'] || 'http://localhost:9292/github/authenticate',