vestibule_github
GitHub OAuth strategy with normalized profile data and verified-primary-email lookup.
When to use it
Use GitHub when users sign in with GitHub accounts and your app needs profile data plus the user's verified primary email when available.
Default scopes: user:email
Install
gleam add vestibule_githubSetup shape
- Create a GitHub OAuth App.
- Set the Authorization callback URL exactly for development and production.
- Copy the Client ID and generate a client secret.
- Request user:email when you need private verified primary email lookup.
Usage
import vestibule/config
import vestibule_github
let strategy = vestibule_github.strategy()
let cfg =
config.new(
"github-client-id",
"github-client-secret",
"http://localhost:8000/auth/github/callback",
)What Vestibule handles
- Requests user:email by default.
- Token scopes are parsed from GitHub's comma-separated scope response.
- UserInfo.email is populated from the verified primary email endpoint when available.
- The GitHub profile URL is exposed under the html_url key in UserInfo.urls.
Notes to keep explicit
- GitHub may omit public email from /user; the strategy performs a best-effort /user/emails lookup.
- If the email lookup fails, authentication can still succeed with UserInfo.email set to None.