From d75a864f0e9401f05aac54c722555103be19f7c1 Mon Sep 17 00:00:00 2001
From: Adam G <25728719+Electromaster232@users.noreply.github.com>
Date: Wed, 23 Mar 2022 07:05:20 -0400
Subject: [PATCH] providers/oauth2: map internal groups to GitHub teams in GHE
 OAuth emulation (#2497)

* providers/oauth2: impl `/user/teams` endpoint for Github OAuth2

This commit adds a functional `/user/teams` endpoint for the emulated Github OAuth2 service.
The teams a user is part of are based on the user's groups in Authentik.

* providers/oauth2: Move org template inside loop; Change slug to use Django slugify

* providers/oauth2: Remove placeholder replacement

* Possibly fix complaints from the linters

* Update github.py

* Change organization name

* Update github.py
---
 authentik/providers/oauth2/views/github.py | 57 +++++++++++++++++++++-
 1 file changed, 56 insertions(+), 1 deletion(-)

diff --git a/authentik/providers/oauth2/views/github.py b/authentik/providers/oauth2/views/github.py
index d9a001c26..a9fd0f93b 100644
--- a/authentik/providers/oauth2/views/github.py
+++ b/authentik/providers/oauth2/views/github.py
@@ -1,5 +1,7 @@
 """authentik pretend GitHub Views"""
+
 from django.http import HttpRequest, HttpResponse, JsonResponse
+from django.utils.text import slugify
 from django.views import View
 
 from authentik.providers.oauth2.models import RefreshToken
@@ -66,4 +68,57 @@ class GitHubUserTeamsView(View):
     # pylint: disable=unused-argument
     def get(self, request: HttpRequest, token: RefreshToken) -> HttpResponse:
         """Emulate GitHub's /user/teams API Endpoint"""
-        return JsonResponse([], safe=False)
+        user = token.user
+
+        orgs_response = []
+        for org in user.ak_groups.all():
+            _org = {
+                "id": org.num_pk,
+                "node_id": "",
+                "url": "",
+                "html_url": "",
+                "name": org.name,
+                "slug": slugify(org.name),
+                "description": "",
+                "privacy": "",
+                "permission": "",
+                "members_url": "",
+                "repositories_url": "",
+                "parent": None,
+                "members_count": 0,
+                "repos_count": 0,
+                "created_at": "",
+                "updated_at": "",
+                "organization": {
+                    "login": slugify(request.tenant.branding_title),
+                    "id": 1,
+                    "node_id": "",
+                    "url": "",
+                    "repos_url": "",
+                    "events_url": "",
+                    "hooks_url": "",
+                    "issues_url": "",
+                    "members_url": "",
+                    "public_members_url": "",
+                    "avatar_url": "",
+                    "description": "",
+                    "name": request.tenant.branding_title,
+                    "company": "",
+                    "blog": "",
+                    "location": "",
+                    "email": "",
+                    "is_verified": True,
+                    "has_organization_projects": True,
+                    "has_repository_projects": True,
+                    "public_repos": 0,
+                    "public_gists": 0,
+                    "followers": 0,
+                    "following": 0,
+                    "html_url": "",
+                    "created_at": "",
+                    "updated_at": "",
+                    "type": "Organization",
+                },
+            }
+            orgs_response.append(_org)
+        return JsonResponse(orgs_response, safe=False)