Skip to content
This repository has been archived by the owner on Jan 24, 2019. It is now read-only.

github enterprise provider #269

Merged
merged 1 commit into from
Jun 20, 2016
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 4 additions & 5 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -97,12 +97,11 @@ The GitHub auth provider supports two additional parameters to restrict authenti
-github-org="": restrict logins to members of this organisation
-github-team="": restrict logins to members of any of these teams, separated by a comma

If you are using github enterprise, make sure you set the following to the appropriate url:

-login-url="<enterprise github url>/login/oauth/authorize"
-redeem-url="<enterprise github url>/login/oauth/access_token"
-validate-url="<enterprise github api url>/user/emails"
If you are using GitHub enterprise, make sure you set the following to the appropriate url:

-login-url="http(s)://<enterprise github host>/login/oauth/authorize"
-redeem-url="http(s)://<enterprise github host>/login/oauth/access_token"
-validate-url="http(s)://<enterprise github host>/api/v3"

### GitLab Auth Provider

Expand Down
32 changes: 25 additions & 7 deletions providers/github.go
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ import (
"log"
"net/http"
"net/url"
"path"
"strings"
)

Expand All @@ -32,11 +33,12 @@ func NewGitHubProvider(p *ProviderData) *GitHubProvider {
Path: "/login/oauth/access_token",
}
}
// ValidationURL is the API Base URL
if p.ValidateURL == nil || p.ValidateURL.String() == "" {
p.ValidateURL = &url.URL{
Scheme: "https",
Host: "api.github.com",
Path: "/user/emails",
Path: "/",
}
}
if p.Scope == "" {
Expand Down Expand Up @@ -64,8 +66,13 @@ func (p *GitHubProvider) hasOrg(accessToken string) (bool, error) {
"limit": {"100"},
}

endpoint := p.ValidateURL.Scheme + "://" + p.ValidateURL.Host + "/user/orgs?" + params.Encode()
req, _ := http.NewRequest("GET", endpoint, nil)
endpoint := &url.URL{
Scheme: p.ValidateURL.Scheme,
Host: p.ValidateURL.Host,
Path: path.Join(p.ValidateURL.Path, "/user/orgs"),
RawQuery: params.Encode(),
}
req, _ := http.NewRequest("GET", endpoint.String(), nil)
req.Header.Set("Accept", "application/vnd.github.v3+json")
resp, err := http.DefaultClient.Do(req)
if err != nil {
Expand Down Expand Up @@ -114,8 +121,13 @@ func (p *GitHubProvider) hasOrgAndTeam(accessToken string) (bool, error) {
"limit": {"100"},
}

endpoint := p.ValidateURL.Scheme + "://" + p.ValidateURL.Host + "/user/teams?" + params.Encode()
req, _ := http.NewRequest("GET", endpoint, nil)
endpoint := &url.URL{
Scheme: p.ValidateURL.Scheme,
Host: p.ValidateURL.Host,
Path: path.Join(p.ValidateURL.Path, "/user/teams"),
RawQuery: params.Encode(),
}
req, _ := http.NewRequest("GET", endpoint.String(), nil)
req.Header.Set("Accept", "application/vnd.github.v3+json")
resp, err := http.DefaultClient.Do(req)
if err != nil {
Expand Down Expand Up @@ -187,8 +199,14 @@ func (p *GitHubProvider) GetEmailAddress(s *SessionState) (string, error) {
params := url.Values{
"access_token": {s.AccessToken},
}
endpoint := p.ValidateURL.Scheme + "://" + p.ValidateURL.Host + p.ValidateURL.Path + "?" + params.Encode()
resp, err := http.DefaultClient.Get(endpoint)

endpoint := &url.URL{
Scheme: p.ValidateURL.Scheme,
Host: p.ValidateURL.Host,
Path: path.Join(p.ValidateURL.Path, "/user/emails"),
RawQuery: params.Encode(),
}
resp, err := http.DefaultClient.Get(endpoint.String())
if err != nil {
return "", err
}
Expand Down