Seite wählen

NETWAYS Blog

Authentication with OAuth

It’s pretty safe to say, that everyone using the web has already made an account for some website. For the broad masses the most common ones would be social media sites like facebook, youtube and twitter. Then there are also online shopping platforms like e-bay and amazon, and more techie orientated pages like stack overflow and all sorts of version control repositories.
(And of course various others for anything and everything else…)

Third party applications often allow you to sign in with your account from another website.


The good thing is, that you don’t need to create a separate account for every single one, but are offered the possibility to just sign in with an account you created for a different service.
The page for which you want to use a different account needs to request data from the original website and use it to authenticate the user (without their input).
In order to give both the requesting website and the user assurance that the data will be safe and reliable some sort of standardisation is required.
Most commonly used is the open standard for authorisation OAuth.
With OAuth it is possible for users to grant access to their information from a certain website without giving away their credentials.

This is what it looks like when the user reviews the permissions.


In order for the third party application to obtain specific information about a user, it has to request an access token from the authorisation server, and when the user grants the permission, use that token to access the resources from the website.
In our specific case we want users to be able to log in to Icinga Exchange with their GitHub accounts.
If you now also want to integrate GitHub on your website and/or see how it’s done: they have a detailed tutorial here.

Feu Mourek
Feu Mourek
Developer Advocate

Feu verbrachte seine Kindheit im schönen Steigerwald, bevor es sich aufmachte die Welt zu Erkunden. Seit September 2016 unterstützt es Icinga zunächst als Developer und seit 2020 als Developer Advocate, und NETWAYS als Git und GitLab Trainer. Seine Freizeit verbringt es hauptsächlich damit Video-, und Pen and Paper Rollenspiele zu spielen, sich Häuser zu designen (die es sich nie leisten können wird) oder ganz lässig mit seinem Cabrio durch die Gegend zu düsen.

check_disk_btrfs reloaded

While BTRFS is still considered experimental in some environments, it gets even more popular with Docker and CoreOS setups.
I did write a check plugin for a customer nearly 3 years ago called check_disk_btrfs which parses the output of „btrfs filesystem df /“ and checks against given thresholds.
Over the years, the shell output of the the btrfs cli tool changed and so the plugin was broken. Code quality wasn’t good enough either in a retrospective and so additional feature requests were not added.
opensuse_icingaweb2_disk_btrfsOn Monday Blerim approached me with a question on monitoring the BTRFS filesystem and also told that the plugin was broken. Instead of fixing the old Perl code, I decided to just go for a new implementation in Python, our current language standard for development projects. It also makes usage of „sudo“ optional, and parses the raw bytes output returned from the btrfs cli tool. An example for adding it to Icinga 2 is included as well.
You can download the current 2.0.0 release from Icinga Exchange, and of course sponsor or contribute a feature even. Tested on current OpenSUSE 13.2.