github provider: allow multiple teams
This commit is contained in:
Raphaël Pinson
parent
54efb1a2e1
commit
338e99773a
|
|
@ -94,7 +94,7 @@ The Azure AD auth provider uses `openid` as it default scope. It uses `https://g
|
|||
The GitHub auth provider supports two additional parameters to restrict authentication to Organization or Team level access. Restricting by org and team is normally accompanied with `--email-domain=*`
|
||||
|
||||
-github-org="": restrict logins to members of this organisation
|
||||
-github-team="": restrict logins to members of this team
|
||||
-github-team="": restrict logins to members of any of these teams, separated by a comma
|
||||
|
||||
If you are using github enterprise, make sure you set the following to the appropriate url:
|
||||
|
||||
|
|
|
|||
|
|
@ -3,6 +3,7 @@ package providers
|
|||
import (
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"strings"
|
||||
"io/ioutil"
|
||||
"log"
|
||||
"net/http"
|
||||
|
|
@ -141,9 +142,12 @@ func (p *GitHubProvider) hasOrgAndTeam(accessToken string) (bool, error) {
|
|||
presentOrgs[team.Org.Login] = true
|
||||
if p.Org == team.Org.Login {
|
||||
hasOrg = true
|
||||
if p.Team == team.Slug {
|
||||
log.Printf("Found Github Organization:%q Team:%q (Name:%q)", team.Org.Login, team.Slug, team.Name)
|
||||
return true, nil
|
||||
ts := strings.Split(p.Team, ",")
|
||||
for _, t := range ts {
|
||||
if t == team.Slug {
|
||||
log.Printf("Found Github Organization:%q Team:%q (Name:%q)", team.Org.Login, team.Slug, team.Name)
|
||||
return true, nil
|
||||
}
|
||||
}
|
||||
presentTeams = append(presentTeams, team.Slug)
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue