Select Git revision
github.go 2.61 KiB
package github
import (
"errors"
"net/http"
"time"
"github.com/nsheridan/cashier/server/auth"
"github.com/nsheridan/cashier/server/config"
githubapi "github.com/google/go-github/github"
"golang.org/x/oauth2"
"golang.org/x/oauth2/github"
)
const (
name = "github"
)
// Config is an implementation of `auth.Provider` for authenticating using a
// Github account.
type Config struct {
config *oauth2.Config
organization string
}
// New creates a new Github provider from a configuration.
func New(c *config.Auth) (auth.Provider, error) {
if c.ProviderOpts["organization"] == "" {
return nil, errors.New("github_opts organization must not be empty")
}
return &Config{
config: &oauth2.Config{
ClientID: c.OauthClientID,
ClientSecret: c.OauthClientSecret,
RedirectURL: c.OauthCallbackURL,
Endpoint: github.Endpoint,
Scopes: []string{
string(githubapi.ScopeUser),
string(githubapi.ScopeReadOrg),
},
},
organization: c.ProviderOpts["organization"],
}, nil
}
// A new oauth2 http client.
func (c *Config) newClient(token *oauth2.Token) *http.Client {
return c.config.Client(oauth2.NoContext, token)
}
// Name returns the name of the provider.
func (c *Config) Name() string {
return name
}
// Valid validates the oauth token.
func (c *Config) Valid(token *oauth2.Token) bool {
if !token.Valid() {
return false
}
client := githubapi.NewClient(c.newClient(token))
member, _, err := client.Organizations.IsMember(c.organization, c.Username(token))
if err != nil {
return false
}
return member
}
// GitHub doesn't seem to allow token revocation - tokens are indefinite and