github.com/hellofresh/janus@v0.0.0-20230925145208-ce8de8183c67/pkg/jwt/github/organization_verifier.go

github.com/hellofresh/janus@v0.0.0-20230925145208-ce8de8183c67/pkg/jwt/github/organization_verifier.go (about)

     1  package github
     2  
     3  import (
     4  	"errors"
     5  	"fmt"
     6  	"net/http"
     7  )
     8  
     9  // OrganizationVerifier checks if the current user belongs any of the defined organizations
    10  type OrganizationVerifier struct {
    11  	organizations []string
    12  	gitHubClient  Client
    13  }
    14  
    15  // NewOrganizationVerifier creates a new instance of OrganizationVerifier
    16  func NewOrganizationVerifier(organizations []string, gitHubClient Client) *OrganizationVerifier {
    17  	return &OrganizationVerifier{
    18  		organizations: organizations,
    19  		gitHubClient:  gitHubClient,
    20  	}
    21  }
    22  
    23  // Verify makes a check and return a boolean if the check was successful or not
    24  func (v *OrganizationVerifier) Verify(r *http.Request, httpClient *http.Client) (bool, error) {
    25  	orgs, err := v.gitHubClient.Organizations(httpClient)
    26  	if err != nil {
    27  		return false, fmt.Errorf("failed to get organizations: %w", err)
    28  	}
    29  
    30  	for _, name := range orgs {
    31  		for _, authorizedOrg := range v.organizations {
    32  			if name == authorizedOrg {
    33  				return true, nil
    34  			}
    35  		}
    36  	}
    37  
    38  	return false, errors.New("you are not part of the allowed organizations")
    39  }