Skip to content

server

Directory actions

More options

Directory actions

More options

Latest commit

 

History

History

server

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
auth
auth
 
 
cookies
cookies
 
 
static
static
 
 
README.md
README.md
 
 
ai.go
ai.go
 
 
alerts.go
alerts.go
 
 
assets.go
assets.go
 
 
billing.go
billing.go
 
 
bookmarks.go
bookmarks.go
 
 
deployment.go
deployment.go
 
 
github.go
github.go
 
 
magic_tokens.go
magic_tokens.go
 
 
organizations.go
organizations.go
 
 
page_token.go
page_token.go
 
 
projects.go
projects.go
 
 
provision.go
provision.go
 
 
rbac_old_test.go
rbac_old_test.go
 
 
rbac_test.go
rbac_test.go
 
 
reports.go
reports.go
 
 
repos.go
repos.go
 
 
roles.go
roles.go
 
 
roles_test.go
roles_test.go
 
 
runtime_proxy.go
runtime_proxy.go
 
 
server.go
server.go
 
 
service.go
service.go
 
 
sudo.go
sudo.go
 
 
telemetry.go
telemetry.go
 
 
usergroups.go
usergroups.go
 
 
users.go
users.go
 
 
users_test.go
users_test.go
 
 

README.md

admin/server

GitHub Connection

State Parameter in GitHub Authentication

When integrating with GitHub, installation request for our github app utilize a "state" parameter that is passed to GitHub and returned during the callback process. This mechanism helps maintain context across the OAuth flow.

For GitHub Installation Requests

The state parameter contains a JSON object with two key components:

  1. Repository Association: repo field is used to store the specific repo associated with the original installation request from either the cli or UI. This is used to verify that the installation succeeded.

  2. UI Redirection: redirect field is used to store the redirect url sent in the original installation request. This is mainly used by UI based deploy in rill developer to continue deploy process in the browser.

For GitHub Authentication-Only Requests

For authentication-only requests (without installation):

  • The same two values are stored in the user's session
  • These values are retrieved during the callback process
  • This approach maintains context across the authentication flow