mirror of
https://github.com/oauth2-proxy/oauth2-proxy.git
synced 2024-11-28 09:08:44 +02:00
Merge pull request #214 from raphink/github_multiple_teams
github provider: allow multiple teams
This commit is contained in:
commit
293d674e14
@ -95,7 +95,7 @@ The Azure AD auth provider uses `openid` as it default scope. It uses `https://g
|
||||
The GitHub auth provider supports two additional parameters to restrict authentication to Organization or Team level access. Restricting by org and team is normally accompanied with `--email-domain=*`
|
||||
|
||||
-github-org="": restrict logins to members of this organisation
|
||||
-github-team="": restrict logins to members of this team
|
||||
-github-team="": restrict logins to members of any of these teams, separated by a comma
|
||||
|
||||
If you are using github enterprise, make sure you set the following to the appropriate url:
|
||||
|
||||
|
@ -3,6 +3,7 @@ package providers
|
||||
import (
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"strings"
|
||||
"io/ioutil"
|
||||
"log"
|
||||
"net/http"
|
||||
@ -141,9 +142,12 @@ func (p *GitHubProvider) hasOrgAndTeam(accessToken string) (bool, error) {
|
||||
presentOrgs[team.Org.Login] = true
|
||||
if p.Org == team.Org.Login {
|
||||
hasOrg = true
|
||||
if p.Team == team.Slug {
|
||||
log.Printf("Found Github Organization:%q Team:%q (Name:%q)", team.Org.Login, team.Slug, team.Name)
|
||||
return true, nil
|
||||
ts := strings.Split(p.Team, ",")
|
||||
for _, t := range ts {
|
||||
if t == team.Slug {
|
||||
log.Printf("Found Github Organization:%q Team:%q (Name:%q)", team.Org.Login, team.Slug, team.Name)
|
||||
return true, nil
|
||||
}
|
||||
}
|
||||
presentTeams = append(presentTeams, team.Slug)
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user