From 6f86efb594721bc577c56b284f5f2499e563c45c Mon Sep 17 00:00:00 2001
From: Patrick O'Doherty <p@trickod.com>
Date: Mon, 23 May 2016 17:56:15 +0100
Subject: Don't allow wide-open Google or Github configs

Fail loudly if either the google_opts domain value or github_opts organization
values are not set in the configuration. The lack of these values means that
 a) in the Google case any @gmail.com address will be allowed
 b) the Github case any Github user will be allowed.

This was previously documented but left as a foot-gun in the code.

Future commits will allow for explicit wildcards to be set.
---
 server/auth/github/github.go | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

(limited to 'server/auth/github/github.go')

diff --git a/server/auth/github/github.go b/server/auth/github/github.go
index 1c62d9b..192cd9d 100644
--- a/server/auth/github/github.go
+++ b/server/auth/github/github.go
@@ -1,6 +1,7 @@
 package github
 
 import (
+	"errors"
 	"net/http"
 
 	"github.com/nsheridan/cashier/server/auth"
@@ -23,7 +24,10 @@ type Config struct {
 }
 
 // New creates a new Github provider from a configuration.
-func New(c *config.Auth) auth.Provider {
+func New(c *config.Auth) (auth.Provider, error) {
+	if c.ProviderOpts["organization"] == "" {
+		return nil, errors.New("github_opts organization must not be empty")
+	}
 	return &Config{
 		config: &oauth2.Config{
 			ClientID:     c.OauthClientID,
@@ -36,7 +40,7 @@ func New(c *config.Auth) auth.Provider {
 			},
 		},
 		organization: c.ProviderOpts["organization"],
-	}
+	}, nil
 }
 
 // A new oauth2 http client.
@@ -54,9 +58,6 @@ func (c *Config) Valid(token *oauth2.Token) bool {
 	if !token.Valid() {
 		return false
 	}
-	if c.organization == "" {
-		return true
-	}
 	client := githubapi.NewClient(c.newClient(token))
 	member, _, err := client.Organizations.IsMember(c.organization, c.Username(token))
 	if err != nil {
-- 
cgit v1.2.3