From ef08ad831729b6930066ce5c973e68c4843149cd Mon Sep 17 00:00:00 2001 From: Nandor Kracser Date: Wed, 14 Aug 2019 13:33:46 +0200 Subject: [PATCH] gitlab: add groups scope by default when filtering is requested --- connector/gitlab/gitlab.go | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/connector/gitlab/gitlab.go b/connector/gitlab/gitlab.go index fca6fbf5b5..d9cffdedd5 100644 --- a/connector/gitlab/gitlab.go +++ b/connector/gitlab/gitlab.go @@ -84,7 +84,7 @@ type gitlabConnector struct { func (c *gitlabConnector) oauth2Config(scopes connector.Scopes) *oauth2.Config { gitlabScopes := []string{scopeUser} - if scopes.Groups { + if c.groupsRequired(scopes.Groups) { gitlabScopes = []string{scopeUser, scopeOpenID} } @@ -156,7 +156,7 @@ func (c *gitlabConnector) HandleCallback(s connector.Scopes, r *http.Request) (i identity.UserID = user.Username } - if s.Groups { + if c.groupsRequired(s.Groups) { groups, err := c.getGroups(ctx, client, s.Groups, user.Username) if err != nil { return identity, fmt.Errorf("gitlab: get groups: %v", err) @@ -199,7 +199,7 @@ func (c *gitlabConnector) Refresh(ctx context.Context, s connector.Scopes, ident ident.Username = username ident.Email = user.Email - if s.Groups { + if c.groupsRequired(s.Groups) { groups, err := c.getGroups(ctx, client, s.Groups, user.Username) if err != nil { return ident, fmt.Errorf("gitlab: get groups: %v", err) @@ -209,6 +209,10 @@ func (c *gitlabConnector) Refresh(ctx context.Context, s connector.Scopes, ident return ident, nil } +func (c *gitlabConnector) groupsRequired(groupScope bool) bool { + return len(c.groups) > 0 || groupScope +} + // user queries the GitLab API for profile information using the provided client. The HTTP // client is expected to be constructed by the golang.org/x/oauth2 package, which inserts // a bearer token as part of the request.