Skip to main content
Skip table of contents

Technical Details

Limits

These limits are in place to protect Confluence from being overloaded and pages to time out:

  • Requests to GitHub have a time limit of 3 seconds. If it takes more than 3 seconds to fetch the macro’s data, then an error is shown instead. This prevents Confluence page from not rendering if the connection to GitHub is slow.

  • The fetched data has to be smaller than 1MByte. For images the limit is at 10MByte. Otherwise an error is show instead. This prevents multiple things:

    • Showing gigantic files which can slow the Confluence page to a crawl.

    • Loading gigantic data sets into memory and potentially causing out of memory errors.

    • Avoid transferring enormous amount of data by accident.

APIs Used:

API-Endpoint

Purpose

GET https://{github-host}/login/oauth/authorize

Initial OAuth Authorization request. Will show to the OAuth confirmation screen to the user.

POST https://{github-host}/login/oauth/access_token

Fetching the OAuth Authentication Tokens, which will be used for requesting data.

GET https://api.github.com/repos/{org}/{repo}/contents/{path}/?ref={branch}

or

GET https://{github-host}/api/v3/repos/{org}/{repo}/contents/{path}/?ref={branch}

Fetching the included file.

Include GitHub for Confluence Cloud only:

GET https://api.github.com/search/issues/

Fetching issues from GitHub.

Include GitHub for Confluence Cloud only:

GET https://api.github.com/repos/{org}/{repo}/pulls/

Fetching pull requests from GitHub

Authentication Behavior

  • If the Confluence user is authenticated against GitHub, then the Authorization: Bearer {token} is sent along with the request.

  • Otherwise, no such header is sent. If the repository is public, the content is returned and rendered. If the request fails, a dialog to start the OAuth authentication is shown to the user.

Fetch Behavior

  • Every time a macro is viewed it creates one API request. The load on GitHub grows linearly with the amount of Confluence pages with GitHub macros on them.

  • There is no caching at the moment.

  • There is no background polling for data. Only page visits cause traffic.

OAuth Authentication and Organizations

The OAuth app needs to be registered under one organization, and then can be used for all organization on GitHub. The organization which register the OAuth app is listed as owner of the app and controls the registration. However, all organizations can use the registered app. The permissions are based on each individual user. The user can see the exact same content as in Confluence as they see on GitHub. If they can see their personal repo files and all the files of organization they have access too.

GitHub.com

On GitHub.com there is some additional control. An organization can allow or disallow the app on their repository. A user will see the organization access policy in the OAuth panel. The user can either grant access to an organization if they have the permission, or ask the organization admin to let the app access the repository.

Example of GitHub.com extra controls

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.