Pull out github trigger and login validation into validator class
This commit is contained in:
Joseph Schorr
parent
a31f2267e8
commit
d4eb4f7f3c
3 changed files with 132 additions and 77 deletions
51
util/config/validators/validate_github.py
Normal file
51
util/config/validators/validate_github.py
Normal file
|
|
@ -0,0 +1,51 @@
|
|||
from app import app
|
||||
from oauth.services.github import GithubOAuthService
|
||||
from util.config.validators import BaseValidator, ConfigValidationException
|
||||
|
||||
class BaseGitHubValidator(BaseValidator):
|
||||
name = None
|
||||
config_key = None
|
||||
|
||||
@classmethod
|
||||
def validate(cls, config, user, user_password):
|
||||
""" Validates the OAuth credentials and API endpoint for a Github service. """
|
||||
github_config = config.get(cls.config_key)
|
||||
if not github_config:
|
||||
raise ConfigValidationException('Missing GitHub client id and client secret')
|
||||
|
||||
endpoint = github_config.get('GITHUB_ENDPOINT')
|
||||
if not endpoint:
|
||||
raise ConfigValidationException('Missing GitHub Endpoint')
|
||||
|
||||
if endpoint.find('http://') != 0 and endpoint.find('https://') != 0:
|
||||
raise ConfigValidationException('Github Endpoint must start with http:// or https://')
|
||||
|
||||
if not github_config.get('CLIENT_ID'):
|
||||
raise ConfigValidationException('Missing Client ID')
|
||||
|
||||
if not github_config.get('CLIENT_SECRET'):
|
||||
raise ConfigValidationException('Missing Client Secret')
|
||||
|
||||
if github_config.get('ORG_RESTRICT') and not github_config.get('ALLOWED_ORGANIZATIONS'):
|
||||
raise ConfigValidationException('Organization restriction must have at least one allowed ' +
|
||||
'organization')
|
||||
|
||||
client = app.config['HTTPCLIENT']
|
||||
oauth = GithubOAuthService(config, cls.config_key)
|
||||
result = oauth.validate_client_id_and_secret(client, app.config)
|
||||
if not result:
|
||||
raise ConfigValidationException('Invalid client id or client secret')
|
||||
|
||||
if github_config.get('ALLOWED_ORGANIZATIONS'):
|
||||
for org_id in github_config.get('ALLOWED_ORGANIZATIONS'):
|
||||
if not oauth.validate_organization(org_id, client):
|
||||
raise ConfigValidationException('Invalid organization: %s' % org_id)
|
||||
|
||||
|
||||
class GitHubLoginValidator(BaseGitHubValidator):
|
||||
name = "github-login"
|
||||
config_key = "GITHUB_LOGIN_CONFIG"
|
||||
|
||||
class GitHubTriggerValidator(BaseGitHubValidator):
|
||||
name = "github-trigger"
|
||||
config_key = "GITHUB_TRIGGER_CONFIG"
|
||||
Reference in a new issue