Codeberg/Community
60
387
Fork
You've already forked Community
12

How to add a sign-in with codeberg feature to my services #463

Closed
opened 2021年06月03日 14:21:38 +02:00 by Bubu · 7 comments
Member
Copy link

I run a weblate instance as well as a gitlab. Especially the weblate is actually used by a couple of projects hosted on codeberg.org. The gitlab obviously not but I use it for my personal projects and I'd like to reduce contributor friction as well as promote codeberg.

Both weblate and gitlab support social login via several services, In particular I have enabled gitlab.com and github as login providers. I'd like to add codeberg.org to that list.

I think it's possible to use gitea as an indentity provider?

Has anyone ever done this? Are there any docs on this available?

I run a [weblate instance](https://weblate.bubu1.eu) as well as a [gitlab](https://git.bubu1.eu). Especially the weblate is actually used by a couple of projects hosted on codeberg.org. The gitlab obviously not but I use it for my personal projects and I'd like to reduce contributor friction as well as promote codeberg. Both weblate and gitlab support social login via several services, In particular I have enabled gitlab.com and github as login providers. I'd like to add codeberg.org to that list. I think it's possible to use gitea as an indentity provider? Has anyone ever done this? Are there any docs on this available?
Owner
Copy link

Have a look at https://docs.gitea.io/en-us/oauth2-provider/, I think this is what you are looking for (at least this should allow Gitea to Gitea login), and chat with @6543 who used this to allow sign-in to https://code.obermui.de.

I wonder if it's possible to allow sign-in without granting access to all account data ...

Have a look at https://docs.gitea.io/en-us/oauth2-provider/, I think this is what you are looking for (at least this should allow Gitea to Gitea login), and chat with @6543 who used this to allow sign-in to https://code.obermui.de. I wonder if it's possible to allow sign-in without granting access to all account data ...
Author
Member
Copy link

I wonder if it's possible to allow sign-in without granting access to all account data ...

Not yet, this is tracked here: https://github.com/go-gitea/gitea/issues/4300 (and yes, this is very much needed for a "login with codeberg" feature to make any sense from a security standpoint.)

> I wonder if it's possible to allow sign-in without granting access to all account data ... Not yet, this is tracked here: https://github.com/go-gitea/gitea/issues/4300 (and yes, this is very much needed for a "login with codeberg" feature to make any sense from a security standpoint.)
Author
Member
Copy link

When I try to create a new ouath app under https://codeberg.org/user/settings/applications I only get a 500 error. Unfortunately that's not very helpful in figuring out what I'm doing wrong :(.

This is what I'm trying to input there:
image

Aaaand now it randomly stated working.

When I try to create a new ouath app under https://codeberg.org/user/settings/applications I only get a 500 error. Unfortunately that's not very helpful in figuring out what I'm doing wrong :(. This is what I'm trying to input there: ![image](/attachments/8623f8eb-d389-4296-a1d9-658922bb1aba) ### Aaaand now it randomly stated working.
Author
Member
Copy link

Some updates:

I tried condiguring the gitlab side of this, interestingly best documented in the Synapse docs here: https://github.com/matrix-org/synapse/blob/develop/docs/openid.md#gitea

Gitlab throws a weird 500 error upon calling the callback, let's see what they say:
https://gitlab.com/gitlab-org/gitlab/-/issues/332738

For weblate it seems that setting some config options is not enough, you have to implement a custom backend for Python Social-Auth-Core I didn't get around to this yet.

Some updates: I tried condiguring the gitlab side of this, interestingly best documented in the *Synapse* docs here: https://github.com/matrix-org/synapse/blob/develop/docs/openid.md#gitea Gitlab throws a weird 500 error upon calling the callback, let's see what they say: https://gitlab.com/gitlab-org/gitlab/-/issues/332738 For weblate it seems that setting some config options is not enough, you have to implement a custom backend for [Python Social-Auth-Core](https://github.com/python-social-auth/social-core#python-social-auth---core) I didn't get around to this yet.
Author
Member
Copy link

MR for social-core: https://github.com/python-social-auth/social-core/pull/595

Weblate feature request/question to make it easier to add the codeberg name/logo: https://github.com/WeblateOrg/weblate/issues/6163

MR for social-core: https://github.com/python-social-auth/social-core/pull/595 Weblate feature request/question to make it easier to add the codeberg name/logo: https://github.com/WeblateOrg/weblate/issues/6163
Author
Member
Copy link

Update: So while the gitlab issue is still stuck (I have a different idea I need to try out eventually), for weblate this should work if you use the latest weblate version together with the master version of the social-login-core package. (Yes, this means you can't use any prebuilt docker containers or something like that.)

Update: So while the gitlab issue is still stuck (I have a different idea I need to try out eventually), for weblate this should work if you use the latest weblate version together with the `master` version of the social-login-core package. (Yes, this means you can't use any prebuilt docker containers or something like that.)
Is this adequate? https://docs.codeberg.org/integrations/keycloak/
Sign in to join this conversation.
No Branch/Tag specified
main
No results found.
Labels
Clear labels
accessibility
Reduces accessibility and is thus a "bug" for certain user groups on Codeberg.
bug
Something is not working the way it should. Does not concern outages.
bug
infrastructure
Errors evidently caused by infrastructure malfunctions or outages
Codeberg
This issue involves Codeberg's downstream modifications and settings and/or Codeberg's structures.
contributions welcome
Please join the discussion and consider contributing a PR!
docs
No bug, but an improvement to the docs or UI description will help
duplicate
This issue or pull request already exists
enhancement
New feature
infrastructure
Involves changes to the server setups, use `bug/infrastructure` for infrastructure-related user errors.
legal
An issue directly involving legal compliance
licence / ToS
involving questions about the ToS, especially licencing compliance
please chill
we are volunteers
Please consider editing your posts and remember that there is a human on the other side. We get that you are frustrated, but it's harder for us to help you this way.
public relations
Things related to Codeberg's external communication
question
More information is needed
question
user support
This issue contains a clearly stated problem. However, it is not clear whether we have to fix anything on Codeberg's end, but we're helping them fix it and/or find the cause.
s/Forgejo
Related to Forgejo. Please also check Forgejo's issue tracker.
s/Forgejo/migration
Migration related issues in Forgejo
s/Pages
Issues related to the Codeberg Pages feature
s/Weblate
Issue is related to the Weblate instance at https://translate.codeberg.org
s/Woodpecker
Woodpecker CI related issue
security
involves improvements to the sites security
service
Add a new service to the Codeberg ecosystem (instead of implementing into Forgejo)
upstream
An open issue or pull request to an upstream repository to fix this issue (partially or completely) exists (i.e. Forgejo, Weblate, etc.)
wontfix
Codeberg's current set of contributors are not planning to spend time on delegating this issue.
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
3 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
Codeberg/Community#463
Reference in a new issue
Codeberg/Community
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?