Github provider

2025-08-08 22:46:33 +02:00 · 2015-05-20 23:23:48 -04:00
parent 8471f972e1
commit 37b38dd2f4
17 changed files with 304 additions and 112 deletions
--- a/providers/github.go
+++ b/providers/github.go
@ -0,0 +1,136 @@
+package providers
+
+import (
+	"encoding/json"
+	"io/ioutil"
+	"net/http"
+	"net/url"
+)
+
+type GitHubProvider struct {
+	*ProviderData
+	Org  string
+	Team string
+}
+
+func NewGitHubProvider(p *ProviderData) *GitHubProvider {
+	p.ProviderName = "GitHub"
+	if p.LoginUrl.String() == "" {
+		p.LoginUrl = &url.URL{
+			Scheme: "https",
+			Host:   "github.com",
+			Path:   "/login/oauth/authorize",
+		}
+	}
+	if p.RedeemUrl.String() == "" {
+		p.RedeemUrl = &url.URL{
+			Scheme: "https",
+			Host:   "github.com",
+			Path:   "/login/oauth/access_token",
+		}
+	}
+	if p.ValidateUrl.String() == "" {
+		p.ValidateUrl = &url.URL{
+			Scheme: "https",
+			Host:   "api.github.com",
+			Path:   "/user/emails",
+		}
+	}
+	if p.Scope == "" {
+		p.Scope = "user:email"
+	}
+	return &GitHubProvider{ProviderData: p}
+}
+func (p *GitHubProvider) SetOrgTeam(org, team string) {
+	p.Org = org
+	p.Team = team
+	if org != "" || team != "" {
+		p.Scope += " read:org"
+	}
+}
+
+func (p *GitHubProvider) hasOrgAndTeam(accessToken string) (bool, error) {
+
+	var teams []struct {
+		Name string `json:"name"`
+		Slug string `json:"slug"`
+		Org  struct {
+			Login string `json:"login"`
+		} `json:"organization"`
+	}
+
+	params := url.Values{
+		"access_token": {accessToken},
+	}
+
+	req, _ := http.NewRequest("GET", "https://api.github.com/user/teams?"+params.Encode(), nil)
+	req.Header.Set("Accept", "application/vnd.github.moondragon+json")
+	resp, err := http.DefaultClient.Do(req)
+	if err != nil {
+		return false, err
+	}
+
+	body, err := ioutil.ReadAll(resp.Body)
+	resp.Body.Close()
+	if err != nil {
+		return false, err
+	}
+
+	if err := json.Unmarshal(body, &teams); err != nil {
+		return false, err
+	}
+
+	for _, team := range teams {
+		if p.Org == team.Org.Login {
+			if p.Team == "" || p.Team == team.Slug {
+				return true, nil
+			}
+		}
+	}
+	return false, nil
+}
+
+func (p *GitHubProvider) GetEmailAddress(body []byte, access_token string) (string, error) {
+
+	var emails []struct {
+		Email   string `json:"email"`
+		Primary bool   `json:"primary"`
+	}
+
+	params := url.Values{
+		"access_token": {access_token},
+	}
+
+	// if we require an Org or Team, check that first
+	if p.Org != "" || p.Team != "" {
+		if ok, err := p.hasOrgAndTeam(access_token); err != nil || !ok {
+			return "", err
+		}
+	}
+
+	resp, err := http.DefaultClient.Get("https://api.github.com/user/emails?" + params.Encode())
+	if err != nil {
+		return "", err
+	}
+	body, err = ioutil.ReadAll(resp.Body)
+	resp.Body.Close()
+	if err != nil {
+		return "", err
+	}
+
+	if err := json.Unmarshal(body, &emails); err != nil {
+		return "", err
+	}
+
+	for _, email := range emails {
+		if email.Primary {
+			return email.Email, nil
+		}
+	}
+
+	return "", nil
+}
+
+func (p *GitHubProvider) ValidateToken(access_token string) bool {
+	return validateToken(p, access_token, nil)
+}