43

I want to work in my localhost and my live domain, there is any way to insert more then one callback to github oauth settings? How we solve this problem?

Redirect URLs

Improve this question
1
  • according to @tnzk below, localhost redirects are always allowed, so you shouldn't need to add localhost explicitly as an allowed URL Commented Aug 27 at 9:04

4 Answers 4

Reset to default
52

I solved this issue by creating a dedicated OAuth application on Github for my local development environment. So I have the following 2 OAuth applications:

  1. My official OAuth application for production

    • Client ID: ABC
    • Client Secret: 123
    • Authorization callback URL: https://example.com/api/v1/security/oauth/github/callback

  2. My private OAuth application for development

    • Client ID: XYZ
    • Client Secret: 456
    • Authorization callback URL: https://localhost/api/v1/security/oauth/github/callback

When I configure my API in local, I use the ID and secret of the development application (2). And in production I use the ID and secret of my official application (1).

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

This is the right way to go. Everything else is just a hack. Also, Github should provide a way to specify multiple callbacks though.
19

The bad news is we can't insert more than one callback to GitHub OAuth setting.

Good news is that we can use multiple callback sub-url under our callback url, then you can redirect(proxy) it to any callback url that you want.

for example, if your callback url is: domain.com/auth/github/callback, then the following callback url are all valid:

  1. domain.com/auth/github/callback/sub-callback-1
  2. domain.com/auth/github/callback/sub-callback-2
  3. domain.com/auth/github/callback/sub-callback-3

etc.

After redirect to sub-callback-N with all parameters, then we could jump to any other callback url as you expected.

Improve this answer

4 Comments

My problem is I would like one authorized callback URL to work locally https://localhost/auth/github/callback and one to be used in production https://example.net/auth/github/callback. Can this be achieved with what you describe above?
I think so. I believe you can set up a https://example.net/auth/github/callback-localhost and then let your server redirect it to localhost to archive that.
Putting some more thoughts into it, I don't think this is a good solution because if I configured my OAuth app for production with https://example.net/auth/github/callback it means I have to change the configuration of my web server in production to redirect to https://localhost/auth/github/callback. Right? I have proposed another solution below. What do you think?
Adding a additional redirect url for development is not needed. Since loopback urls are always allowed. See GitHub OAuth Docs. Please note that you have to use 127.0.0.1 or ::1 instead of localhost
3

According their doc, you don't need to register localhost redirect URLs, but it just accepts URLs even if it doesn't match the registered one as long as its host part is localhost.

Improve this answer

Comments

2

Instead of using localhost, you can modify your hosts file and point your domain to use 127.0.0.1. On a Mac, open the hosts file located under:

Computer > Macintosh HD > etc

Add the entry for your domain. For example if your domain is mycoolapp.com

127.0.0.1 mycoolapp.com

Just make sure to comment out this line when you want to test using your production server:

#127.0.0.1 mycoolapp.com

Using this solution, you don't need to maintain two separate configurations.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.