user sees error msg when GitHub login is denied due to allowed orgs

Also renamed an interface function from GetName to GetResourceName. Co-authored-by: Ryan Richard <richardry@vmware.com>
2026-01-05 04:56:11 +00:00 · 2024-05-31 16:24:11 -05:00
parent e3d8c71f97
commit 58b4ecc0aa
22 changed files with 200 additions and 89 deletions
--- a/internal/controller/supervisorconfig/githubupstreamwatcher/github_upstream_watcher_test.go
+++ b/internal/controller/supervisorconfig/githubupstreamwatcher/github_upstream_watcher_test.go
@@ -1882,7 +1882,7 @@ func TestController(t *testing.T) {
 				// Do not expect any particular order in the cache
 				var actualProvider *upstreamgithub.Provider
 				for _, possibleIDP := range actualIDPList {
-					if possibleIDP.GetName() == tt.wantResultingCache[i].Name {
+					if possibleIDP.GetResourceName() == tt.wantResultingCache[i].Name {
 						var ok bool
 						actualProvider, ok = possibleIDP.(*upstreamgithub.Provider)
 						require.True(t, ok)
@@ -1890,7 +1890,7 @@ func TestController(t *testing.T) {
 					}
 				}

-				require.Equal(t, tt.wantResultingCache[i].Name, actualProvider.GetName())
+				require.Equal(t, tt.wantResultingCache[i].Name, actualProvider.GetResourceName())
 				require.Equal(t, tt.wantResultingCache[i].ResourceUID, actualProvider.GetResourceUID())
 				require.Equal(t, tt.wantResultingCache[i].OAuth2Config.ClientID, actualProvider.GetClientID())
 				require.Equal(t, tt.wantResultingCache[i].GroupNameAttribute, actualProvider.GetGroupNameAttribute())
--- a/internal/controller/supervisorconfig/oidcupstreamwatcher/oidc_upstream_watcher_test.go
+++ b/internal/controller/supervisorconfig/oidcupstreamwatcher/oidc_upstream_watcher_test.go
@@ -1448,7 +1448,7 @@ oidc: issuer did not match the issuer returned by provider, expected "` + testIs
 			require.Equal(t, len(tt.wantResultingCache), len(actualIDPList))
 			for i := range actualIDPList {
 				actualIDP := actualIDPList[i].(*upstreamoidc.ProviderConfig)
-				require.Equal(t, tt.wantResultingCache[i].GetName(), actualIDP.GetName())
+				require.Equal(t, tt.wantResultingCache[i].GetResourceName(), actualIDP.GetResourceName())
 				require.Equal(t, tt.wantResultingCache[i].GetClientID(), actualIDP.GetClientID())
 				require.Equal(t, tt.wantResultingCache[i].GetAuthorizationURL().String(), actualIDP.GetAuthorizationURL().String())
 				require.Equal(t, tt.wantResultingCache[i].GetUsernameClaim(), actualIDP.GetUsernameClaim())
--- a/internal/controller/supervisorstorage/garbage_collector.go
+++ b/internal/controller/supervisorstorage/garbage_collector.go
@@ -246,7 +246,7 @@ func (c *garbageCollectorController) tryRevokeUpstreamOIDCToken(ctx context.Cont
 	// Try to find the provider that was originally used to create the stored session.
 	var foundOIDCIdentityProviderI upstreamprovider.UpstreamOIDCIdentityProviderI
 	for _, p := range c.idpCache.GetOIDCIdentityProviders() {
-		if p.GetName() == customSessionData.ProviderName && p.GetResourceUID() == customSessionData.ProviderUID {
+		if p.GetResourceName() == customSessionData.ProviderName && p.GetResourceUID() == customSessionData.ProviderUID {
 			foundOIDCIdentityProviderI = p
 			break
 		}