GitHub login fixes:
- Allow for case insensitivity in the org name list - Remove the check for verified email addresses when under Enterprise; it isn't supported there.
This commit is contained in:
Joseph Schorr
parent
f8c80f7d11
commit
3cd11c8f45
2 changed files with 11 additions and 4 deletions
|
|
@ -181,7 +181,7 @@ def github_oauth_callback():
|
|||
get_orgs = client.get(github_login.orgs_endpoint(), params=token_param,
|
||||
headers={'Accept': 'application/vnd.github.moondragon+json'})
|
||||
|
||||
organizations = set([org.get('login') for org in get_orgs.json()])
|
||||
organizations = set([org.get('login').lower() for org in get_orgs.json()])
|
||||
if not (organizations & set(github_login.allowed_organizations())):
|
||||
err = """You are not a member of an allowed GitHub organization.
|
||||
Please contact your system administrator if you believe this is in error."""
|
||||
|
|
@ -193,7 +193,7 @@ def github_oauth_callback():
|
|||
|
||||
found_email = None
|
||||
for user_email in get_email.json():
|
||||
if not user_email['verified']:
|
||||
if not github_login.is_enterprise() and not user_email['verified']:
|
||||
continue
|
||||
|
||||
found_email = user_email['email']
|
||||
|
|
|
|||
|
|
@ -45,7 +45,11 @@ class GithubOAuthConfig(OAuthConfig):
|
|||
if not self.config.get('ORG_RESTRICT', False):
|
||||
return None
|
||||
|
||||
return self.config.get('ALLOWED_ORGANIZATIONS', None)
|
||||
allowed = self.config.get('ALLOWED_ORGANIZATIONS', None)
|
||||
if allowed is None:
|
||||
return None
|
||||
|
||||
return [org.lower() for org in allowed]
|
||||
|
||||
def _endpoint(self):
|
||||
endpoint = self.config.get('GITHUB_ENDPOINT', 'https://github.com')
|
||||
|
|
@ -53,6 +57,9 @@ class GithubOAuthConfig(OAuthConfig):
|
|||
endpoint = endpoint + '/'
|
||||
return endpoint
|
||||
|
||||
def is_enterprise(self):
|
||||
return self._endpoint().find('.github.com') < 0
|
||||
|
||||
def authorize_endpoint(self):
|
||||
return self._get_url(self._endpoint(), '/login/oauth/authorize') + '?'
|
||||
|
||||
|
|
@ -104,7 +111,7 @@ class GithubOAuthConfig(OAuthConfig):
|
|||
|
||||
def validate_organization(self, organization_id, http_client):
|
||||
api_endpoint = self._api_endpoint()
|
||||
org_endpoint = self._get_url(api_endpoint, 'orgs/%s' % organization_id)
|
||||
org_endpoint = self._get_url(api_endpoint, 'orgs/%s' % organization_id.lower())
|
||||
|
||||
result = http_client.get(org_endpoint,
|
||||
headers={'Accept': 'application/vnd.github.moondragon+json'},
|
||||
|
|
|
|||
Reference in a new issue