fix: fix oauth group provider check

2025-10-27 20:25:41 +00:00 · 2025-09-25 22:35:44 +03:00
parent c307f7eb2e
commit 085f6257c5
4 changed files with 17 additions and 15 deletions
--- a/internal/bootstrap/app_bootstrap.go
+++ b/internal/bootstrap/app_bootstrap.go
@@ -147,10 +147,6 @@ func (app *BootstrapApp) Setup() error {
 	}

 	// Configured providers
-	babysit := map[string]string{
-		"google": "Google",
-		"github": "GitHub",
-	}
 	configuredProviders := make([]controller.Provider, 0)

 	for id, provider := range oauthProviders {
@@ -159,7 +155,7 @@ func (app *BootstrapApp) Setup() error {
 		}

 		if provider.Name == "" {
-			if name, ok := babysit[id]; ok {
+			if name, ok := config.OverrideProviders[id]; ok {
 				provider.Name = name
 			} else {
 				provider.Name = utils.Capitalize(id)
--- a/internal/config/config.go
+++ b/internal/config/config.go
@@ -65,6 +65,11 @@ type OAuthServiceConfig struct {
 	Name               string   `key:"name"`
 }

+var OverrideProviders = map[string]string{
+	"google": "Google",
+	"github": "GitHub",
+}
+
 // User/session related stuff

 type User struct {
--- a/internal/service/auth_service.go
+++ b/internal/service/auth_service.go
@@ -309,12 +309,14 @@ func (auth *AuthService) IsInOAuthGroup(c *gin.Context, context config.UserConte
 		return true
 	}

-	if context.Provider != "generic" {
-		log.Debug().Msg("Not using generic provider, skipping group check")
-		return true
+	for id := range config.OverrideProviders {
+		if context.Provider == id {
+			log.Info().Str("provider", id).Msg("OAuth groups not supported for this provider")
+			return true
+		}
 	}

-	for _, userGroup := range strings.Split(context.OAuthGroups, ",") {
+	for userGroup := range strings.SplitSeq(context.OAuthGroups, ",") {
 		if utils.CheckFilter(requiredGroups, strings.TrimSpace(userGroup)) {
 			return true
 		}
--- a/internal/utils/app_utils.go
+++ b/internal/utils/app_utils.go
@@ -183,14 +183,13 @@ func GetOAuthProvidersConfig(env []string, args []string, appUrl string) (map[st
 		providers[name] = provider
 	}

-	// If we have google/github providers and no redirect URL babysit them
-	babysitProviders := []string{"google", "github"}
+	// If we have google/github providers and no redirect URL then set a default

-	for _, name := range babysitProviders {
-		if provider, exists := providers[name]; exists {
+	for id := range config.OverrideProviders {
+		if provider, exists := providers[id]; exists {
 			if provider.RedirectURL == "" {
-				provider.RedirectURL = appUrl + "/api/oauth/callback/" + name
-				providers[name] = provider
+				provider.RedirectURL = appUrl + "/api/oauth/callback/" + id
+				providers[id] = provider
 			}
 		}
 	}