You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
GitHub org membership check does not support paginated responses from GitHub API.
Environment:
Spinnaker 1.29.0
Feature Area:
GitHub OAuth
Description:
Spin Gate supports a GitHub organization membership check: if the authenticated user is not a member of the target GitHub organization then access is denied. The API call to GItHub that checks user organization memberships does not handle a paginated response from GitHub. If the user is a member of more than the default page size number of orgs (30) then GitHub paginates the response, attaching a Link header with the URL to the next page. Currently, the membership check fails if the user is a member of more than 30 orgs and the target org is not contained in the first page.
Steps to Reproduce:
Enable the org membership check.
Ensure that the user is a member of more than 30 orgs.
Ensure that the target org is not returned in the first page of orgs returned by the GitHub org membership API.
Authenticate with Spinnaker via GitHub OAuth.
Access is denied.
The text was updated successfully, but these errors were encountered:
This issue is tagged as 'stale' and hasn't been updated in 45 days, so we are tagging it as 'to-be-closed'. It will be closed in 45 days unless updates are made. If you want to remove this label, comment:
Issue Summary:
GitHub org membership check does not support paginated responses from GitHub API.
Environment:
Spinnaker 1.29.0
Feature Area:
GitHub OAuth
Description:
Spin Gate supports a GitHub organization membership check: if the authenticated user is not a member of the target GitHub organization then access is denied. The API call to GItHub that checks user organization memberships does not handle a paginated response from GitHub. If the user is a member of more than the default page size number of orgs (30) then GitHub paginates the response, attaching a
Link
header with the URL to the next page. Currently, the membership check fails if the user is a member of more than 30 orgs and the target org is not contained in the first page.Steps to Reproduce:
The text was updated successfully, but these errors were encountered: