GitHub OAuth Apps

TIBCO Developer Hub can be configured to use OAuth Apps for backend authentication. Refer to GitHub Docs to learn more about OAuth Apps. Also, you can learn more about OAuth Apps integration from Backstage Documentation.

Setting up OAuth Apps

The following procedure can create and integrate an OAuth App with the TIBCO Developer Hub.

Creating an Oauth app

    Procedure
  1. Go to your individual or organization account and click Settings.
  2. Select the Developer Settings, and click OAuth Apps. Then, click New OAuth App, and authenticate yourself to view the OAuth Apps Form.

  3. Use the form to customize the OAuth App. Fill out the details, such as your Application Name and the Application Description. A Homepage URL should be the URL of your TIBCO Developer Hub instance. An Authorization callback URL should point to the auth backend of your TIBCO Developer Hub instance.

Settings for TIBCO Developer Hub

  • Application name: tibco_developer_hub (or your custom app name)

  • Homepage URL: <TIBCO Developer Hub instance URL> (ex: http://localhost:3000/tibco/hub)

  • Authorization callback URL: <TIBCO Developer Hub instance URL>/api/auth/github/handler/frame (ex: http://localhost:7007/tibco/hub/api/auth/github/handler/frame)

Note: Replace <TIBCO Developer Hub instance URL> with your actual TIBCO Developer Hub instance URL.

After completing the integration, click Register application to view the homepage of your OAuth App.

Using OAuth Apps with TIBCO Developer Hub

Creating Client Secrets

To create Client secrets, go to your OAuth App and fetch these variables - Client ID (AUTH_GITHUB_CLIENT_ID) and Client secrets (AUTH_GITHUB_CLIENT_SECRET).

Applying Client Secrets to Your Data Plane

    Procedure
  1. Create the secrets file (for example - tibco-hub-secrets.yaml).

  2. Open the .pem file in any code editor and copy the private key. Then, add those values in the following configurations.

    apiVersion: v1
    kind: Secret
    metadata:
      name: tibco-hub-secrets
    type: Opaque
    stringData:
      # replace with your values
      AUTH_GITHUB_CLIENT_ID: ${AUTH_GITHUB_CLIENT_ID} 
      AUTH_GITHUB_CLIENT_SECRET: ${AUTH_GITHUB_CLIENT_SECRET} 
    
    Run this command to apply the secret to your Data Plane:
    kubectl apply -f tibco-hub-secrets.yaml -n <namespace>
Configuration While Provisioning
    Procedure
  1. Add the following code to the custom configuration file while provisioning your TIBCO Developer Hub instance. You can see the auth part, where the new configuration is added to allow OAuth Apps in your instance.

    auth:
     environment: production
     providers:
       guest: null
       github:
        production:
          clientId: ${AUTH_GITHUB_CLIENT_ID}
          clientSecret: ${AUTH_GITHUB_CLIENT_SECRET}
       oauth2Proxy:
         production: {}
     enableAuthProviders: [oauth2Proxy]