On Sun, May 29, 2022 at 10:09 PM Ben Ramsey <ram...@php.net> wrote: > > On 5/29/22 09:57, Andreas Heigl wrote: > > But the bad news is, that there is also the colobus system which powers > > the NNTP-server backend that a number of people use to interact with the > > mailing-list. Which also has an authentication and would therefore need > > to be switched. So we are back at 9 services. And we switched one that > > is completely under our control to one that isn't as we are merely using > > a (rather old by now) service. > > I've looked into colobus a fair amount, and it does not use > authentication itself. It accepts requests to post to newgroups, but > then it appears to primarily act as a proxy for ezmlm, which has it's > own form of authentication, and we're not going to be able to tie the > ezmlm authentication to GitHub. > > -- > Cheers, > Ben
There's also the OAuth Proxy project: https://oauth2-proxy.github.io/oauth2-proxy/docs/features/endpoints which allows you to use some baked-in features of nginx in order to provide unauthenticated/legacy services with protection and appropriate authentication headers: https://nginx.org/en/docs/http/ngx_http_auth_request_module.html. -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: https://www.php.net/unsub.php