Github is providing OAuth Service. You can implement Github Login on your website so that user doesn’t need to remember another password for your website. You will also get worthy email addresses to connect with users. Get Google GSON Java Library to handle JSON responses.
OAuth 2.0 Flow
- User will click on Auth login link
- Github Auth server will show permission screen to user
- Once user accepts to the scope, It will send code to App Server ( Redirect URI)
- Once we got code, get access token by using client secret id
- Access User’s Information using that access token
Register App on Github
You can find detail OAuth2 flow on github developers page . First you need to create app in github developer account
Register App On Github
Click here to register you app. Enter required details in the shown form. Here I have registered demo app with name "SodhanaLibrary Demos". You can find sample details in below image.
Don’t make "Client Secret Id" public. Remaining details can be exposed to user
Prepare Login URL
Now you have to provide one URL for user to login with github. That URL should contain client id, redirect url, scope as parameters . Find below for sample URL for sodhanalibrary demo app
client_id – Provide your app client id
redirect_uri – Provide your app redirect url
scope – Scope is based on required details of user. Click here to find different scopes
state – It is unguessable string to avoid cross site forgery request attacks. It is optional
Get Access Token
Once user click on above link, It will ask for User’s permission to provide information to your site. Once user click on accept it will redirect to Your APP Redirect URI?code=[some code here]. Here you will get code value at server side. So you need to access this from Java or PHP or any other server side language.
Get Code value and format URL
Observe below URL. Highlighted words has to be replaced with your own app details