feat(oauth/github): allow to specify URL for github enterprise

2021-03-29 21:02:34 +02:00 · 2021-03-29 21:02:34 +02:00 · 40f7d398ff
parent 600a21ee70
commit 40f7d398ff
2 changed files with 14 additions and 2 deletions
--- a/oauth2/github.go
+++ b/oauth2/github.go
@ -22,6 +22,7 @@ type Github struct {
 	ClientSecret string
 	Orgs         []string // Optional github organization checking
 	Logger       chronograf.Logger
+	BaseURL      string // GitHub Enterprise Base URL
 }

 // Name is the name of the provider.
@ -51,11 +52,20 @@ func (g *Github) Scopes() []string {

 // Config is the Github OAuth2 exchange information and endpoints.
 func (g *Github) Config() *oauth2.Config {
+	var endpoint oauth2.Endpoint
+	if g.BaseURL == "" {
+		endpoint = ogh.Endpoint
+	} else {
+		endpoint = oauth2.Endpoint{
+			AuthURL:  g.BaseURL + "/login/oauth/authorize",
+			TokenURL: g.BaseURL + "/login/oauth/access_token",
+		}
+	}
 	return &oauth2.Config{
 		ClientID:     g.ID(),
 		ClientSecret: g.Secret(),
 		Scopes:       g.Scopes(),
-		Endpoint:     ogh.Endpoint,
+		Endpoint:     endpoint,
 	}
 }

@ -171,7 +181,7 @@ func primaryEmail(emails []*github.UserEmail) (string, error) {
 			return *m.Email, nil
 		}
 	}
-	return "", errors.New("No primary email address")
+	return "", errors.New("no primary email address")
 }

 func getPrimary(m *github.UserEmail) bool {
--- a/server/server.go
+++ b/server/server.go
@ -80,6 +80,7 @@ type Server struct {
 	GithubClientID     string   `short:"i" long:"github-client-id" description:"Github Client ID for OAuth 2 support" env:"GH_CLIENT_ID"`
 	GithubClientSecret string   `short:"s" long:"github-client-secret" description:"Github Client Secret for OAuth 2 support" env:"GH_CLIENT_SECRET"`
 	GithubOrgs         []string `short:"o" long:"github-organization" description:"Github organization user is required to have active membership" env:"GH_ORGS" env-delim:","`
+	GithubURL          string   `long:"github-url" description:"Github base URL must be specified for Github Enterprise." default:"https://github.com" env:"GH_URL"`

 	EtcdEndpoints      []string       `short:"e" long:"etcd-endpoints" description:"List of etcd endpoints" env:"ETCD_ENDPOINTS" env-delim:","`
 	EtcdUsername       string         `long:"etcd-username" description:"Username to log into etcd." env:"ETCD_USERNAME"`
@ -334,6 +335,7 @@ func (s *Server) githubOAuth(logger chronograf.Logger, auth oauth2.Authenticator
 		ClientID:     s.GithubClientID,
 		ClientSecret: s.GithubClientSecret,
 		Orgs:         s.GithubOrgs,
+		BaseURL:      s.GithubURL,
 		Logger:       logger,
 	}
 	jwt := oauth2.NewJWT(s.TokenSecret, s.JwksURL)