Strona główna Odkrywaj Pomoc
Zarejestruj się Zaloguj się
oscarleiva
/
energylink
1
0
Forkuj 0
Pliki Problemy 0 Oczekujące zmiany 0 Wiki
Przeglądaj źródła

Solves problem with Github authentication restriction by organization membership when the organization's access policy is set to "Access restricted". "Access restricted" policy should not stop user to authenticate.

How it is solved:
* Take organizations_url field data from user basic data response
* Make another request to get all organization the user is a member of (public membership)
* Authenticate user if appropriate organization found in that list
Adilet Maratov 8 lat temu
rodzic
3aa1cb012a
commit
50daf7463d
1 zmienionych plików z 10 dodań i 8 usunięć
Zunifikowany widok Pokaż statystyki zmian
  1. 10 8
      pkg/social/github_oauth.go

+ 10 - 8
pkg/social/github_oauth.go
Wyświetl plik 

@@ -58,12 +58,12 @@ func (s *SocialGithub) IsTeamMember(client *http.Client) bool {
 
 	return false
 
 	return false
 
 }
 
 }
 
 
 
-func (s *SocialGithub) IsOrganizationMember(client *http.Client) bool {
 
+func (s *SocialGithub) IsOrganizationMember(client *http.Client, organizationsUrl string) bool {
 
 	if len(s.allowedOrganizations) == 0 {
 
 	if len(s.allowedOrganizations) == 0 {
 
 		return true
 
 		return true
 
 	}
 
 	}
 
 
 
-	organizations, err := s.FetchOrganizations(client)
 
+	organizations, err := s.FetchOrganizations(client, organizationsUrl)
 
 	if err != nil {
 
 	if err != nil {
 
 		return false
 
 		return false
 
 	}
 
 	}
 
@@ -167,12 +167,12 @@ func (s *SocialGithub) HasMoreRecords(headers http.Header) (string, bool) {
 
 
 
 }
 
 }
 
 
 
-func (s *SocialGithub) FetchOrganizations(client *http.Client) ([]string, error) {
 
+func (s *SocialGithub) FetchOrganizations(client *http.Client, organizationsUrl string) ([]string, error) {
 
 	type Record struct {
 
 	type Record struct {
 
 		Login string `json:"login"`
 
 		Login string `json:"login"`
 
 	}
 
 	}
 
 
 
-	response, err := HttpGet(client, fmt.Sprintf(s.apiUrl+"/orgs"))
 
+	response, err := HttpGet(client, organizationsUrl)
 
 	if err != nil {
 
 	if err != nil {
 
 		return nil, fmt.Errorf("Error getting organizations: %s", err)
 
 		return nil, fmt.Errorf("Error getting organizations: %s", err)
 
 	}
 
 	}
 
@@ -193,10 +193,12 @@ func (s *SocialGithub) FetchOrganizations(client *http.Client) ([]string, error)
 
 }
 
 }
 
 
 
 func (s *SocialGithub) UserInfo(client *http.Client) (*BasicUserInfo, error) {
 
 func (s *SocialGithub) UserInfo(client *http.Client) (*BasicUserInfo, error) {
 
+
 
 	var data struct {
 
 	var data struct {
 
-		Id    int    `json:"id"`
 
-		Login string `json:"login"`
 
-		Email string `json:"email"`
 
+		Id               int    `json:"id"`
 
+		Login            string `json:"login"`
 
+		Email            string `json:"email"`
 
+		OrganizationsUrl string `json:"organizations_url"`
 
 	}
 
 	}
 
 
 
 	response, err := HttpGet(client, s.apiUrl)
 
 	response, err := HttpGet(client, s.apiUrl)
 
@@ -219,7 +221,7 @@ func (s *SocialGithub) UserInfo(client *http.Client) (*BasicUserInfo, error) {
 
 		return nil, ErrMissingTeamMembership
 
 		return nil, ErrMissingTeamMembership
 
 	}
 
 	}
 
 
 
-	if !s.IsOrganizationMember(client) {
 
+	if !s.IsOrganizationMember(client, data.OrganizationsUrl) {
 
 		return nil, ErrMissingOrganizationMembership
 
 		return nil, ErrMissingOrganizationMembership
 
 	}
 
 	}