Merge pull request #128 from jehiah/github_debug_128
provider github not work with scope read:org
This commit is contained in:
commit
5ff8aa3581
@ -103,6 +103,9 @@ func (o *Options) Validate() error {
|
||||
if o.ClientSecret == "" {
|
||||
msgs = append(msgs, "missing setting: client-secret")
|
||||
}
|
||||
if o.AuthenticatedEmailsFile == "" && len(o.EmailDomains) == 0 && o.HtpasswdFile == "" {
|
||||
msgs = append(msgs, "missing setting for email validation: email-domain or authenticated-emails-file required.\n use email-domain=* to authorize all email addresses")
|
||||
}
|
||||
|
||||
o.redirectUrl, msgs = parseUrl(o.RedirectUrl, "redirect", msgs)
|
||||
|
||||
|
@ -15,6 +15,7 @@ func testOptions() *Options {
|
||||
o.CookieSecret = "foobar"
|
||||
o.ClientID = "bazquux"
|
||||
o.ClientSecret = "xyzzyplugh"
|
||||
o.EmailDomains = []string{"*"}
|
||||
return o
|
||||
}
|
||||
|
||||
@ -27,6 +28,7 @@ func errorMsg(msgs []string) string {
|
||||
|
||||
func TestNewOptions(t *testing.T) {
|
||||
o := NewOptions()
|
||||
o.EmailDomains = []string{"*"}
|
||||
err := o.Validate()
|
||||
assert.NotEqual(t, nil, err)
|
||||
|
||||
|
@ -2,7 +2,6 @@ package providers
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
"log"
|
||||
@ -66,7 +65,7 @@ func (p *GitHubProvider) hasOrg(accessToken string) (bool, error) {
|
||||
|
||||
endpoint := "https://api.github.com/user/orgs?" + params.Encode()
|
||||
req, _ := http.NewRequest("GET", endpoint, nil)
|
||||
req.Header.Set("Accept", "application/vnd.github.moondragon+json")
|
||||
req.Header.Set("Accept", "application/vnd.github.v3+json")
|
||||
resp, err := http.DefaultClient.Do(req)
|
||||
if err != nil {
|
||||
return false, err
|
||||
@ -85,11 +84,16 @@ func (p *GitHubProvider) hasOrg(accessToken string) (bool, error) {
|
||||
return false, err
|
||||
}
|
||||
|
||||
var presentOrgs []string
|
||||
for _, org := range orgs {
|
||||
if p.Org == org.Login {
|
||||
log.Printf("Found Github Organization: %q", org.Login)
|
||||
return true, nil
|
||||
}
|
||||
presentOrgs = append(presentOrgs, org.Login)
|
||||
}
|
||||
|
||||
log.Printf("Missing Organization:%q in %v", p.Org, presentOrgs)
|
||||
return false, nil
|
||||
}
|
||||
|
||||
@ -111,7 +115,7 @@ func (p *GitHubProvider) hasOrgAndTeam(accessToken string) (bool, error) {
|
||||
|
||||
endpoint := "https://api.github.com/user/teams?" + params.Encode()
|
||||
req, _ := http.NewRequest("GET", endpoint, nil)
|
||||
req.Header.Set("Accept", "application/vnd.github.moondragon+json")
|
||||
req.Header.Set("Accept", "application/vnd.github.v3+json")
|
||||
resp, err := http.DefaultClient.Do(req)
|
||||
if err != nil {
|
||||
return false, err
|
||||
@ -130,13 +134,29 @@ func (p *GitHubProvider) hasOrgAndTeam(accessToken string) (bool, error) {
|
||||
return false, fmt.Errorf("%s unmarshaling %s", err, body)
|
||||
}
|
||||
|
||||
var hasOrg bool
|
||||
presentOrgs := make(map[string]bool)
|
||||
var presentTeams []string
|
||||
for _, team := range teams {
|
||||
presentOrgs[team.Org.Login] = true
|
||||
if p.Org == team.Org.Login {
|
||||
if p.Team == "" || p.Team == team.Slug {
|
||||
hasOrg = true
|
||||
if p.Team == team.Slug {
|
||||
log.Printf("Found Github Organization:%q Team:%q (Name:%q)", team.Org.Login, team.Slug, team.Name)
|
||||
return true, nil
|
||||
}
|
||||
presentTeams = append(presentTeams, team.Slug)
|
||||
}
|
||||
}
|
||||
if hasOrg {
|
||||
log.Printf("Missing Team:%q from Org:%q in teams: %v", p.Team, p.Org, presentTeams)
|
||||
} else {
|
||||
var allOrgs []string
|
||||
for org, _ := range presentOrgs {
|
||||
allOrgs = append(allOrgs, org)
|
||||
}
|
||||
log.Printf("Missing Organization:%q in %#v", p.Org, allOrgs)
|
||||
}
|
||||
return false, nil
|
||||
}
|
||||
|
||||
@ -190,5 +210,5 @@ func (p *GitHubProvider) GetEmailAddress(s *SessionState) (string, error) {
|
||||
}
|
||||
}
|
||||
|
||||
return "", errors.New("no email address found")
|
||||
return "", nil
|
||||
}
|
||||
|
@ -3,7 +3,6 @@ package providers
|
||||
import (
|
||||
"errors"
|
||||
"fmt"
|
||||
"log"
|
||||
"net/http"
|
||||
"net/url"
|
||||
|
||||
@ -60,13 +59,11 @@ func (p *LinkedInProvider) GetEmailAddress(s *SessionState) (string, error) {
|
||||
|
||||
json, err := api.Request(req)
|
||||
if err != nil {
|
||||
log.Printf("failed making request %s", err)
|
||||
return "", err
|
||||
}
|
||||
|
||||
email, err := json.String()
|
||||
if err != nil {
|
||||
log.Printf("failed making request %s", err)
|
||||
return "", err
|
||||
}
|
||||
return email, nil
|
||||
|
@ -71,9 +71,11 @@ func newValidatorImpl(domains []string, usersFile string,
|
||||
domains[i] = fmt.Sprintf("@%s", strings.ToLower(domain))
|
||||
}
|
||||
|
||||
validator := func(email string) bool {
|
||||
validator := func(email string) (valid bool) {
|
||||
if email == "" {
|
||||
return
|
||||
}
|
||||
email = strings.ToLower(email)
|
||||
valid := false
|
||||
for _, domain := range domains {
|
||||
valid = valid || strings.HasSuffix(email, domain)
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user