I want to share my Android Studio project on Github but when I click to share, it appear to
http://127.0.0.1:63342/api/github/oauth/authorization_code?code=14c943d3435fe66a54f7
and it ask for username and password. I try to log in using my Github username and password but failed.
*Just started programming for 2 weeks
Unzip the github project to a folder. Open Android Studio. Go to File -> New -> Import Project. Then choose the specific project you want to import and then click Next->Finish.
Create a GitHub account. Select 'Checkout from Version Control' from Android Studio's 'Welcome' screen. Enter your GitHub credentials. Open your web browser, navigate to the GitHub repository you want to clone, and then copy/paste its URL into the Android Studio dialog.
This is not a phishing attack. See thread here: Intellij Android Studio opens localhost page to login on github
Intellij support says that this is an Android Studio bug and recommends using a token as a workaround.
Generating the token
Log in to you GitHub account and navigate to Settings > Developer Settings > Personal Access Tokens
Click "Generate new token"
Add a note so you know this token is for Android Studio and then check the following boxes: repo, read:org, and gist
Click "Generate token"
Now copy the generated token and return to Android Studio.
Log In With Token From Android Studio
In Android Studio, Navigate to File > Settings > Version Control > GitHub
Select the '+' and then choose "Log In with token".
Paste the copied token and click "Add Account"
In case you've entered your GitHub access credentials into that - apparently SSL tunnel - which may lead somewhere very else than to https://api.github.com
- your GitHub account likely had been compromised by a phishing attack ...urgently login on the web and change your account password first, then regenerate all personal access tokens, replace all the SSH keys, check if anything else changed. Also check your local PC for malware infection, because to me this seems to be what you're actually dealing with.
For example... any rouge Gradle plugin can patch local config files, alike the one from that GitHub login dialog, or locally install a SSL tunnel as backdoor (these may work both ways). Then some clueless guy comes around, does not understand where he just entered his access credentials, complains that it is not working and takes to the internet, in order to complain some more about it.
140.82.121.4
would be the correct IP address... and it's all over the news (despite 2020).
Also see: OAuth 2.0 authentication vulnerabilities ...in order to back up my claim.
This is a bug within Android Studio. It still exists in the (as of today) current version 2020.3.1.
Bugtracker describing this issue: https://issuetracker.google.com/issues/174787515
As a work-around you can create a token in Github and use that to log in. https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token
The token must have the repo, the gist and the read:org scopes enabled in your account permissions.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With