Authentication with OAuth

It’s pretty safe to say, that everyone using the web has already made an account for some website. For the broad masses the most common ones would be social media sites like facebook, youtube and twitter. Then there are also online shopping platforms like e-bay and amazon, and more techie orientated pages like stack overflow and all sorts of version control repositories.
(And of course various others for anything and everything else…)

Third party applications often allow you to sign in with your account from another website.

The good thing is, that you don’t need to create a separate account for every single one, but are offered the possibility to just sign in with an account you created for a different service.
The page for which you want to use a different account needs to request data from the original website and use it to authenticate the user (without their input).
In order to give both the requesting website and the user assurance that the data will be safe and reliable some sort of standardisation is required.
Most commonly used is the open standard for authorisation OAuth.
With OAuth it is possible for users to grant access to their information from a certain website without giving away their credentials.

This is what it looks like when the user reviews the permissions.

In order for the third party application to obtain specific information about a user, it has to request an access token from the authorisation server, and when the user grants the permission, use that token to access the resources from the website.
In our specific case we want users to be able to log in to Icinga Exchange with their GitHub accounts.
If you now also want to integrate GitHub on your website and/or see how it’s done: they have a detailed tutorial here.

check_disk_btrfs reloaded

While BTRFS is still considered experimental in some environments, it gets even more popular with Docker and CoreOS setups.
I did write a check plugin for a customer nearly 3 years ago called check_disk_btrfs which parses the output of “btrfs filesystem df /” and checks against given thresholds.
Over the years, the shell output of the the btrfs cli tool changed and so the plugin was broken. Code quality wasn’t good enough either in a retrospective and so additional feature requests were not added.
opensuse_icingaweb2_disk_btrfsOn Monday Blerim approached me with a question on monitoring the BTRFS filesystem and also told that the plugin was broken. Instead of fixing the old Perl code, I decided to just go for a new implementation in Python, our current language standard for development projects. It also makes usage of “sudo” optional, and parses the raw bytes output returned from the btrfs cli tool. An example for adding it to Icinga 2 is included as well.
You can download the current 2.0.0 release from Icinga Exchange, and of course sponsor or contribute a feature even. Tested on current OpenSUSE 13.2.

Michael Friedrich
Michael Friedrich
Senior Developer

Michael ist seit vielen Jahren Icinga-Entwickler und hat sich Ende 2012 in das Abenteuer NETWAYS gewagt. Ein Umzug von Wien nach Nürnberg mit der Vorliebe, österreichische Köstlichkeiten zu importieren - so mancher Kollege verzweifelt an den süchtig machenden Dragee-Keksi und der Linzer Torte. Oder schlicht am österreichischen Dialekt der gerne mit Thomas im Büro intensiviert wird ("Jo eh."). Wenn sich Michael mal nicht in der Community helfend meldet, arbeitet er am nächsten LEGO-Projekt oder geniesst...