Merge pull request #63 from dmahmalat-sap/github-roleAttributePath

Add roleAttributePath to GitHub Social Auth
credativ · May 6, 2024 · e9e6b22 · e9e6b22
2 parents 7c69638 + 23462b1
commit e9e6b22
Show file tree

Hide file tree

Showing 2 changed files with 33 additions and 0 deletions.
diff --git a/pkg/login/social/github_oauth.go b/pkg/login/social/github_oauth.go
@@ -17,6 +17,7 @@ type SocialGithub struct {
 	allowedOrganizations []string
 	apiUrl               string
 	teamIds              []int
+	roleAttributePath    string
 }
 
 type GithubTeam struct {
@@ -28,6 +29,10 @@ type GithubTeam struct {
 	} `json:"organization"`
 }
 
+type TeamGroupsJson struct {
+	Groups []string `json:"groups"`
+}
+
 var (
 	ErrMissingTeamMembership         = Error{"user not a member of one of the required teams"}
 	ErrMissingOrganizationMembership = Error{"user not a member of one of the required organizations"}
@@ -201,12 +206,18 @@ func (s *SocialGithub) UserInfo(client *http.Client, token *oauth2.Token) (*Basi
 
 	teams := convertToGroupList(teamMemberships)
 
+	role, err := s.extractRole(teams)
+	if err != nil {
+		return nil, fmt.Errorf("Error extracting role: %s", err)
+	}
+
 	userInfo := &BasicUserInfo{
 		Name:   data.Login,
 		Login:  data.Login,
 		Id:     fmt.Sprintf("%d", data.Id),
 		Email:  data.Email,
 		Groups: teams,
+		Role:   role,
 	}
 
 	organizationsUrl := fmt.Sprintf(s.apiUrl + "/orgs")
@@ -229,6 +240,27 @@ func (s *SocialGithub) UserInfo(client *http.Client, token *oauth2.Token) (*Basi
 	return userInfo, nil
 }
 
+func (s *SocialGithub) extractRole(teams []string) (string, error) {
+	if s.roleAttributePath == "" {
+		return "", nil
+	}
+
+	teamsObj := TeamGroupsJson{
+		Groups: teams,
+	}
+	teamsJson, err := json.Marshal(teamsObj)
+	if err != nil {
+		return "", err
+	}
+
+	role, err := s.searchJSONForAttr(s.roleAttributePath, teamsJson)
+	if err != nil {
+		return "", err
+	}
+
+	return role, nil
+}
+
 func (t *GithubTeam) GetShorthand() (string, error) {
 	if t.Organization.Login == "" || t.Slug == "" {
 		return "", errors.New("Error getting team shorthand")

diff --git a/pkg/login/social/social.go b/pkg/login/social/social.go
@@ -126,6 +126,7 @@ func NewOAuthService() {
 				SocialBase:           newSocialBase(name, &config, info),
 				apiUrl:               info.ApiUrl,
 				teamIds:              sec.Key("team_ids").Ints(","),
+				roleAttributePath:    info.RoleAttributePath,
 				allowedOrganizations: util.SplitString(sec.Key("allowed_organizations").String()),
 			}
 		}