aboutsummaryrefslogtreecommitdiff
path: root/server/auth/github/github.go
diff options
context:
space:
mode:
Diffstat (limited to 'server/auth/github/github.go')
-rw-r--r--server/auth/github/github.go13
1 files changed, 11 insertions, 2 deletions
diff --git a/server/auth/github/github.go b/server/auth/github/github.go
index 9bbd8f6..912caae 100644
--- a/server/auth/github/github.go
+++ b/server/auth/github/github.go
@@ -22,12 +22,17 @@ const (
type Config struct {
config *oauth2.Config
organization string
+ whitelist map[string]bool
}
// New creates a new Github provider from a configuration.
func New(c *config.Auth) (auth.Provider, error) {
- if c.ProviderOpts["organization"] == "" {
- return nil, errors.New("github_opts organization must not be empty")
+ uw := make(map[string]bool)
+ for _, u := range c.UsersWhitelist {
+ uw[u] = true
+ }
+ if c.ProviderOpts["organization"] == "" && len(uw) == 0 {
+ return nil, errors.New("github_opts organization and the users whitelist must not be both empty")
}
return &Config{
config: &oauth2.Config{
@@ -41,6 +46,7 @@ func New(c *config.Auth) (auth.Provider, error) {
},
},
organization: c.ProviderOpts["organization"],
+ whitelist: uw,
}, nil
}
@@ -56,6 +62,9 @@ func (c *Config) Name() string {
// Valid validates the oauth token.
func (c *Config) Valid(token *oauth2.Token) bool {
+ if len(c.whitelist) == 0 && !c.whitelist[c.Username(token)] {
+ return false
+ }
if !token.Valid() {
return false
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-02 02:17:27 +0000