Merge pull request #1232 from Avanade/1177-latest-associate-new-githu…

…b-account-to-user

1177 latest associate new GitHub account to user

.bicep/webapp/parameters.json

@@ -72,6 +72,7 @@
                 "EXEMPTION": "",
 
                 "ENABLED_REMOVE_COLLABORATORS": "",
+                "ENABLED_REMOVE_ENTERPRISE_MEMBER": "",
 
                 "ORGANIZATION_NAME":"",
                 "REGIONAL_ORG_PREFIX": "",

.github/workflows/setup-appservice-resource.yml

@@ -83,6 +83,7 @@ jobs:
           parameters.appServiceSettings.value.COPILOT_GROUP_SLUG : ${{ vars.COPILOT_GROUP_SLUG }}
           parameters.appServiceSettings.value.EXEMPTION : ${{ vars.EXEMPTION }}
           parameters.appServiceSettings.value.ENABLED_REMOVE_COLLABORATORS : ${{ vars.ENABLED_REMOVE_COLLABORATORS }}
+          parameters.appServiceSettings.value.ENABLED_REMOVE_ENTERPRISE_MEMBER : ${{ vars.ENABLED_REMOVE_ENTERPRISE_MEMBER }}
           parameters.appServiceSettings.value.ORGANIZATION_NAME : ${{ vars.ORGANIZATION_NAME }}
           parameters.appServiceSettings.value.REGIONAL_ORG_PREFIX: ${{ vars.REGIONAL_ORG_PREFIX }}
           parameters.appServiceSettings.value.LINK_INNERSOURCE_GENERAL_LEGAL_GUIDELINES : ${{ vars.LINK_INNERSOURCE_GENERAL_LEGAL_GUIDELINES }}

src/goapp/.env.template

@@ -54,6 +54,7 @@ EXEMPTION=""
 ENABLED_REMOVE_COLLABORATORS=<Defaults to false>
 ENABLED_REPO_OWNER_SCAN=<Defaults to false>
 ENABLED_INDEX_ORG_REPO=<Defaults to false>
+ENABLED_REMOVE_ENTERPRISE_MEMBER=<Defaults to false>
 ORGANIZATION_NAME=""
 LINK_INNERSOURCE_GENERAL_LEGAL_GUIDELINES=""
 LINK_INNERSOURCE_GENERAL_GUIDELINES=""

src/goapp/pkg/github/github.go

@@ -632,6 +632,39 @@ func GetRepositoryProjects(owner string, name string, token string) (*GetReposit
 	return &result, nil
 }
 
+func GetUserByLogin(login string, token string) (*GetUserByLoginResult, error) {
+	src := oauth2.StaticTokenSource(
+		&oauth2.Token{AccessToken: token},
+	)
+	httpClient := oauth2.NewClient(context.Background(), src)
+	httpClient.Transport = &customTransport{Transport: httpClient.Transport}
+
+	client := githubv4.NewClient(httpClient)
+
+	var result GetUserByLoginResult
+	var queryResult GetUserByLoginQuery
+
+	variables := map[string]interface{}{
+		"login": githubv4.String(login),
+	}
+	err := client.Query(context.Background(), &queryResult, variables)
+	if err != nil {
+		return nil, err
+	}
+
+	if queryResult.User.ID == nil {
+		return nil, fmt.Errorf("node ID of %s is not found", queryResult.User.Login)
+	}
+
+	result.User = User{
+		Id:         queryResult.User.ID.(string),
+		DatabaseId: int64(queryResult.User.DatabaseId),
+		Login:      string(queryResult.User.Login),
+	}
+
+	return &result, nil
+}
+
 // Query structs
 type GetOrganizationsWithinEnterpriseQuery struct {
 	Enterprise struct {
@@ -683,6 +716,14 @@ type GetRepositoryProjectsQuery struct {
 	} `graphql:"repository(owner: $owner, name: $name)"`
 }
 
+type GetUserByLoginQuery struct {
+	User struct {
+		ID         githubv4.ID
+		DatabaseId githubv4.Int
+		Login      githubv4.String
+	} `graphql:"user(login: $login)"`
+}
+
 type PageInfo struct {
 	EndCursor   githubv4.String
 	HasNextPage bool
@@ -702,6 +743,10 @@ type GetRepositoryProjectsResult struct {
 	Projects   []Project
 }
 
+type GetUserByLoginResult struct {
+	User
+}
+
 // Structs
 type Member struct {
 	Id              string
@@ -722,3 +767,9 @@ type Project struct {
 	CreatedAt  time.Time
 	UpdatedAt  time.Time
 }
+
+type User struct {
+	Id         string
+	DatabaseId int64
+	Login      string
+}

src/goapp/routes/api/github.go

@@ -547,7 +547,7 @@ func ProcessCleanupEnterpriseOrgs(enterpriseMembers *ghAPI.GetMembersByEnterpris
 				muRAD.Lock()
 				removeMembers = append(removeMembers, fmt.Sprintln(member.Username, " - ", member.Email))
 				muRAD.Unlock()
-				if ev.GetEnvVar("ENABLED_REMOVE_COLLABORATORS", "false") == "true" {
+				if ev.GetEnvVar("ENABLED_REMOVE_COLLABORATORS", "false") == "true" && ev.GetEnvVar("ENABLED_REMOVE_ENTERPRISE_MEMBER", "false") == "true" {
 					token := os.Getenv("GH_TOKEN")
 					enterpriseId := os.Getenv("GH_ENTERPRISE_ID")
 					err := ghAPI.RemoveEnterpriseMember(token, enterpriseId, member.NodeId)

src/goapp/routes/login/github/callback.go

@@ -12,6 +12,7 @@ import (
 
 	auth "main/pkg/authentication"
 	"main/pkg/email"
+	ev "main/pkg/envvar"
 	db "main/pkg/ghmgmtdb"
 	ghAPI "main/pkg/github"
 	"main/pkg/msgraph"
@@ -160,6 +161,21 @@ func GithubForceSaveHandler(w http.ResponseWriter, r *http.Request) {
 	ghId := strconv.FormatFloat(p["id"].(float64), 'f', 0, 64)
 	ghUser := fmt.Sprintf("%s", p["login"])
 
+	if ev.GetEnvVar("ENABLED_REMOVE_ENTERPRISE_MEMBER", "false") == "true" {
+		user, err := ghAPI.GetUserByLogin(ghUser, os.Getenv("GH_TOKEN"))
+		if err != nil {
+			log.Println(err.Error())
+		}
+		enterpriseToken := os.Getenv("GH_ENTERPRISE_TOKEN")
+		enterpriseId := os.Getenv("GH_ENTERPRISE_ID")
+		err = ghAPI.RemoveEnterpriseMember(enterpriseToken, enterpriseId, user.Id)
+		if err != nil {
+			log.Println(err.Error())
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+	}
+
 	result, err := db.UpdateUserGithub(userPrincipalName, ghId, ghUser, 1)
 	if err != nil {
 		log.Println(err.Error())
@@ -185,7 +201,21 @@ func GithubForceSaveHandler(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	http.Redirect(w, r, "/", http.StatusSeeOther)
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(http.StatusOK)
+
+	orgNames := struct {
+		InnerSourceOrgName string `json:"innersourceOrgName"`
+	}{
+		InnerSourceOrgName: os.Getenv("GH_ORG_INNERSOURCE"),
+	}
+
+	jsonResp, err := json.Marshal(orgNames)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusBadRequest)
+		return
+	}
+	w.Write(jsonResp)
 }
 
 func CheckMembership(userPrincipalName, ghusername string) {