97d073567c
When using Gerrit with GitHub authentication, we need to "remember" the user's federated auth token in order to allow Gerrit to impersonate the user when communicating with GitHub. The user is always in control as the external identity is listed in the user's external ids and can be removed / revoked at any time. This change is *mandatory* for being able to integrate the GitHub group backend system properly, as GitHub does not allow anonymous browsing of organisations and groups (very hard 60 calls/hour cap) and Gerrit needs to impersonate the user to understand to which organisation / group he belongs to. NOTE: each user can have at most 1 external identity as at the moment is not possibly to authenticate against multiple external systems at once. Change-Id: I8df2540a5643c95d51b26e9d3e32f6cd1cac9f10 |
||
|---|---|---|
| .. | ||
| src | ||
| BUCK | ||