From 652f43ed38d62d48911197a80eb4b01ca95f611c Mon Sep 17 00:00:00 2001 From: Eskil Andreen Date: Tue, 28 Mar 2017 15:58:18 +0200 Subject: [PATCH] Skip 404 errors when looking up Google groups When checking user membership against Google groups the groups are checked one at a time and in the order that they were supplied. If one of the groups does not exist then the checking is halted with the following error. google.go:201: googleapi: Error 404: Resource Not Found: groupKey, notFound None of the groups following the missing group are checked either. This means that something as trivial as a typo in the first group will make it impossible for anybody to login. This change catches the 404, logs a message, and then carries on as usual. In this way a typo will cause a particular group to stop working but will not affect any other groups. --- providers/google.go | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/providers/google.go b/providers/google.go index 539657b..a9cb487 100644 --- a/providers/google.go +++ b/providers/google.go @@ -17,6 +17,7 @@ import ( "golang.org/x/oauth2" "golang.org/x/oauth2/google" "google.golang.org/api/admin/directory/v1" + "google.golang.org/api/googleapi" ) type GoogleProvider struct { @@ -197,8 +198,12 @@ func userInGroup(service *admin.Service, groups []string, email string) bool { for _, group := range groups { members, err := fetchGroupMembers(service, group) if err != nil { - log.Printf("error fetching group members: %v", err) - return false + if err, ok := err.(*googleapi.Error); ok && err.Code == 404 { + log.Printf("error fetching members for group %s: group does not exist", group) + } else { + log.Printf("error fetching group members: %v", err) + return false + } } for _, member := range members {