-
Notifications
You must be signed in to change notification settings - Fork 36
/
github.go
56 lines (46 loc) · 1.5 KB
/
github.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
package ogithub
import (
"context"
"fmt"
"github.com/enfabrica/enkit/lib/logger"
"github.com/enfabrica/enkit/lib/oauth"
gh "github.com/google/go-github/github"
"golang.org/x/oauth2"
"golang.org/x/oauth2/github"
)
func Defaults() oauth.Modifier {
return oauth.WithModifiers(
oauth.WithEndpoint(github.Endpoint),
oauth.WithFactory(NewGetUserVerifier),
)
}
type GetUserVerifier struct {
conf *oauth2.Config
}
func (guv *GetUserVerifier) Scopes() []string {
return []string{
"repos",
}
}
func (guv *GetUserVerifier) Verify(log logger.Logger, identity *oauth.Identity, tok *oauth2.Token) (*oauth.Identity, error) {
client := gh.NewClient(guv.conf.Client(oauth2.NoContext, tok))
// FIXME: timeout, retry strategy.
user, _, err := client.Users.Get(context.Background(), "")
if err != nil {
return nil, fmt.Errorf("retrieving user information failed - %w", err)
}
if user.ID == nil || user.Login == nil {
return nil, fmt.Errorf("email and user ID not available - %w", err)
}
identity.Username = *user.Login
identity.Organization = "github.com"
identity.Id = fmt.Sprintf("github:%d", *user.ID)
return identity, nil
}
// GetUserVerifier tries to fetch the userinfo of a user to verify the validity of a token.
//
// It performs an http request for every attempt to validate the token. If the request fails,
// either the token is invalid, or there is a problem with the API backend.
func NewGetUserVerifier(conf *oauth2.Config) (oauth.Verifier, error) {
return &GetUserVerifier{conf: conf}, nil
}