The GitHub management portal team took a look at what it would mean to expand the usefulness of the technology to additional authentication and data systems.
While the portal implementation builds around the common ‘passport’ family of authentication libraries for Node.js, it was very much designed and tightly coupled to both Microsoft’s Azure Active Directory and GitHub authentication. The team hacked on two different approaches by adapting the system to work as a proof-of-concept with a reverse proxy auth passport library and also a more standard OAuth2 library, allowing in this case integration of auth for Salesforce (David) and Dropbox (Luke). Jeff W (Microsoft) also validated an approach with GSuite/Google auth.
The outcome of this work was an initial thinking around making these components more approachable and pluggable, and then also a desire to use Postgres as a data store option - this will require a provider model and will be a focus going forward to enable this choice.
You can find a number of issues around refactoring and other conversations being created within the public GitHub repository here: https://github.com/microsoft/opensource-portal/issues
It was great having some participation in looking at the management portal as an early attempt to get more TODO members involved. From here there will also be some thinking put into refactoring and componentization that would enable value-add components (such as invitation expiration, digest generation, cache helpers, automatic team permissions, linking) to be individual opt-in components in a larger suite of GitHub management and open source tools, without needing to adopt a monolith. Members interested in participating should reach out to the hackathon group’s members or open an issue and start a conversation.
If you’re interested in hacking on these type of tools, please check out the respective repositories for contribution ideas and if you want to hack F2F with us next time, please consider joining the TODO Group as a member.