IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-25 18:55:37 -06:00
Code Issues Packages Projects Releases Wiki Activity

Fix Github OAuth not working with private Organizations (#11028)

Browse Source 
* Fix Github OAuth not working with private organizations

* Update documentation
This commit is contained in:
Laurent Godet
2018-02-28 12:08:15 +00:00
committed by Torkel Ödegaard
parent e67b1ebf33
commit 59704ee939
4 changed files with 11 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
conf/defaults.ini
View File

@@ -248,7 +248,7 @@ enabled = false
allow_sign_up = true
client_id = some_id
client_secret = some_secret
scopes = user:email
scopes = user:email,read:org
auth_url = https://github.com/login/oauth/authorize
token_url = https://github.com/login/oauth/access_token
api_url = https://api.github.com/user

2
docs/sources/http_api/admin.md
View File

@@ -61,7 +61,7 @@ Content-Type: application/json
"client_id":"some_id",
"client_secret":"************",
"enabled":"false",
"scopes":"user:email",
"scopes":"user:email,read:org",
"team_ids":"",
"token_url":"https://github.com/login/oauth/access_token"
},

4
docs/sources/installation/configuration.md
View File

@@ -354,7 +354,7 @@ enabled = true
allow_sign_up = true
client_id = YOUR_GITHUB_APP_CLIENT_ID
client_secret = YOUR_GITHUB_APP_CLIENT_SECRET
scopes = user:email
scopes = user:email,read:org
auth_url = https://github.com/login/oauth/authorize
token_url = https://github.com/login/oauth/access_token
api_url = https://api.github.com/user
@@ -387,6 +387,7 @@ scopes = user:email,read:org
team_ids = 150,300
auth_url = https://github.com/login/oauth/authorize
token_url = https://github.com/login/oauth/access_token
api_url = https://api.github.com/user
allow_sign_up = true
```
@@ -405,6 +406,7 @@ client_secret = YOUR_GITHUB_APP_CLIENT_SECRET
scopes = user:email,read:org
auth_url = https://github.com/login/oauth/authorize
token_url = https://github.com/login/oauth/access_token
api_url = https://api.github.com/user
allow_sign_up = true
# space-delimited organization names
allowed_organizations = github google

11
pkg/social/github_oauth.go
View File

@@ -195,10 +195,9 @@ func (s *SocialGithub) FetchOrganizations(client *http.Client, organizationsUrl
func (s *SocialGithub) UserInfo(client *http.Client, token *oauth2.Token) (*BasicUserInfo, error) {
var data struct {
Id int `json:"id"`
Login string `json:"login"`
Email string `json:"email"`
OrganizationsUrl string `json:"organizations_url"`
Id int `json:"id"`
Login string `json:"login"`
Email string `json:"email"`
}
response, err := HttpGet(client, s.apiUrl)
@@ -217,11 +216,13 @@ func (s *SocialGithub) UserInfo(client *http.Client, token *oauth2.Token) (*Basi
Email: data.Email,
}
organizationsUrl := fmt.Sprintf(s.apiUrl + "/orgs")
if !s.IsTeamMember(client) {
return nil, ErrMissingTeamMembership
}
if !s.IsOrganizationMember(client, data.OrganizationsUrl) {
if !s.IsOrganizationMember(client, organizationsUrl) {
return nil, ErrMissingOrganizationMembership
}