vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
This repository has been archived on 2020-03-24. You can view files and clone it, but you cannot make any changes to it's state, such as pushing and creating new issues, pull requests or comments.
quay/util/config/validators/validate_github.py
Sam Chow 301cc6992a Remove jwt validation for jschorr to fix later 
Refactor oauth validate method to take config over entire appconfig
2018-06-01 15:07:06 -04:00

53 lines
2.1 KiB
Python
Raw Blame History

from oauth.services.github import GithubOAuthService
from util.config.validators import BaseValidator, ConfigValidationException
class BaseGitHubValidator(BaseValidator):
name = None
config_key = None
@classmethod
def validate(cls, validator_context):
""" Validates the OAuth credentials and API endpoint for a Github service. """
config = validator_context.config
client = validator_context.http_client
url_scheme_and_hostname = validator_context.url_scheme_and_hostname
github_config = config.get(cls.config_key)
if not github_config:
raise ConfigValidationException('Missing GitHub client id and client secret')
endpoint = github_config.get('GITHUB_ENDPOINT')
if not endpoint:
raise ConfigValidationException('Missing GitHub Endpoint')
if endpoint.find('http://') != 0 and endpoint.find('https://') != 0:
raise ConfigValidationException('Github Endpoint must start with http:// or https://')
if not github_config.get('CLIENT_ID'):
raise ConfigValidationException('Missing Client ID')
if not github_config.get('CLIENT_SECRET'):
raise ConfigValidationException('Missing Client Secret')
if github_config.get('ORG_RESTRICT') and not github_config.get('ALLOWED_ORGANIZATIONS'):
raise ConfigValidationException('Organization restriction must have at least one allowed ' +
'organization')
oauth = GithubOAuthService(config, cls.config_key)
result = oauth.validate_client_id_and_secret(client, url_scheme_and_hostname)
if not result:
raise ConfigValidationException('Invalid client id or client secret')
if github_config.get('ALLOWED_ORGANIZATIONS'):
for org_id in github_config.get('ALLOWED_ORGANIZATIONS'):
if not oauth.validate_organization(org_id, client):
raise ConfigValidationException('Invalid organization: %s' % org_id)
class GitHubLoginValidator(BaseGitHubValidator):
name = "github-login"
config_key = "GITHUB_LOGIN_CONFIG"
class GitHubTriggerValidator(BaseGitHubValidator):
name = "github-trigger"
config_key = "GITHUB_TRIGGER_CONFIG"
Reference in a new issue View git blame Copy permalink