mirror of
https://github.com/oauth2-proxy/oauth2-proxy.git
synced 2024-11-24 08:52:25 +02:00
Skip 404 errors when looking up Google groups
When checking user membership against Google groups the groups are checked one at a time and in the order that they were supplied. If one of the groups does not exist then the checking is halted with the following error. google.go:201: googleapi: Error 404: Resource Not Found: groupKey, notFound None of the groups following the missing group are checked either. This means that something as trivial as a typo in the first group will make it impossible for anybody to login. This change catches the 404, logs a message, and then carries on as usual. In this way a typo will cause a particular group to stop working but will not affect any other groups.
This commit is contained in:
parent
712739f777
commit
652f43ed38
@ -17,6 +17,7 @@ import (
|
||||
"golang.org/x/oauth2"
|
||||
"golang.org/x/oauth2/google"
|
||||
"google.golang.org/api/admin/directory/v1"
|
||||
"google.golang.org/api/googleapi"
|
||||
)
|
||||
|
||||
type GoogleProvider struct {
|
||||
@ -197,8 +198,12 @@ func userInGroup(service *admin.Service, groups []string, email string) bool {
|
||||
for _, group := range groups {
|
||||
members, err := fetchGroupMembers(service, group)
|
||||
if err != nil {
|
||||
log.Printf("error fetching group members: %v", err)
|
||||
return false
|
||||
if err, ok := err.(*googleapi.Error); ok && err.Code == 404 {
|
||||
log.Printf("error fetching members for group %s: group does not exist", group)
|
||||
} else {
|
||||
log.Printf("error fetching group members: %v", err)
|
||||
return false
|
||||
}
|
||||
}
|
||||
|
||||
for _, member := range members {
|
||||
|
Loading…
Reference in New Issue
Block a user