chore: remove GitHub group support (#763)

Signed-off-by: Grant Linville <grant@acorn.io>

Author: g-linville

github-auth-provider/main.go

@@ -7,7 +7,6 @@ import (
 	"fmt"
 	"net/http"
 	"os"
-	"slices"
 	"strings"
 	"time"
 
@@ -18,7 +17,6 @@ import (
 	"github.com/obot-platform/tools/auth-providers-common/pkg/env"
 	"github.com/obot-platform/tools/auth-providers-common/pkg/state"
 	"github.com/obot-platform/tools/github-auth-provider/pkg/profile"
-	"github.com/sahilm/fuzzy"
 )
 
 type Options struct {
@@ -132,8 +130,6 @@ func main() {
 		}
 		json.NewEncoder(w).Encode(userInfo)
 	})
-	mux.HandleFunc("/obot-list-auth-groups", listGroups(opts.GitHubOrg))
-	mux.HandleFunc("/obot-list-user-auth-groups", listUserGroups)
 	mux.HandleFunc("/", oauthProxy.ServeHTTP)
 
 	fmt.Printf("listening on 127.0.0.1:%s\n", port)
@@ -208,84 +204,3 @@ func getState(p *oauth2proxy.OAuthProxy) http.HandlerFunc {
 		}
 	}
 }
-
-func listGroups(restrictOrg *string) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		token := r.Header.Get("Authorization")
-		if token == "" {
-			http.Error(w, "no authorization token provided", http.StatusUnauthorized)
-			return
-		}
-
-		groups, err := profile.FetchUserGroupInfos(r.Context(), token)
-		if err != nil {
-			http.Error(w, fmt.Sprintf("failed to fetch user auth groups: %v", err), http.StatusInternalServerError)
-			return
-		}
-
-		// Handle nil groups slice
-		if groups == nil {
-			groups = state.GroupInfoList{}
-		}
-
-		if restrictOrg != nil && *restrictOrg != "" {
-			// Elide all org and team groups that don't match the restrictOrg when set
-			groups = slices.DeleteFunc(groups, func(g state.GroupInfo) bool {
-				orgLogin, _, _ := strings.Cut(g.Name, "/")
-				return orgLogin != *restrictOrg
-			})
-		}
-
-		// Get the name query parameter for filtering
-		nameFilter := r.URL.Query().Get("name")
-		if nameFilter != "" && len(groups) > 0 {
-			// Create a slice of group names for fuzzy matching
-			groupNames := make([]string, len(groups))
-			for i, group := range groups {
-				groupNames[i] = group.Name
-			}
-
-			// Perform fuzzy search - results are automatically ranked by relevance
-			matches := fuzzy.Find(nameFilter, groupNames)
-
-			// Filter groups based on fuzzy matches, preserving the relevance order
-			var filteredGroups state.GroupInfoList
-			for _, match := range matches {
-				filteredGroups = append(filteredGroups, groups[match.Index])
-			}
-			groups = filteredGroups
-		}
-
-		if err := json.NewEncoder(w).Encode(groups); err != nil {
-			http.Error(w, fmt.Sprintf("failed to encode groups: %v", err), http.StatusInternalServerError)
-			return
-		}
-	}
-}
-
-func listUserGroups(w http.ResponseWriter, r *http.Request) {
-	token := r.Header.Get("Authorization")
-	if token == "" {
-		http.Error(w, "no authorization token provided", http.StatusUnauthorized)
-		return
-	}
-
-	groups, err := profile.FetchUserGroupInfos(r.Context(), token)
-	if err != nil {
-		http.Error(w, fmt.Sprintf("failed to fetch user auth groups: %v", err), http.StatusInternalServerError)
-		return
-	}
-
-	// Handle nil groups slice
-	if groups == nil {
-		groups = state.GroupInfoList{}
-	}
-
-	// Note: Don't elide org and team groups because removing them here would cause Obot to drop
-	// group membership for the respective user and would cause ACR's to garbage collect MCP servers and
-	// server instances. In this case we want admins to manually clean up group based ACRs.
-	if err := json.NewEncoder(w).Encode(groups); err != nil {
-		http.Error(w, fmt.Sprintf("failed to encode groups: %v", err), http.StatusInternalServerError)
-		return
-	}
-}

github-auth-provider/pkg/profile/profile.go

@@ -6,10 +6,6 @@ import (
 	"fmt"
 	"io"
 	"net/http"
-	"slices"
-	"strings"
-
-	"github.com/obot-platform/tools/auth-providers-common/pkg/state"
 )
 
 var githubBaseURL = "https://api.github.com"
@@ -49,18 +45,6 @@ type githubUserProfile struct {
 	UpdatedAt         string `json:"updated_at"`
 }
 
-type githubOrganization struct {
-	ID        int64  `json:"id"`
-	Login     string `json:"login"`
-	AvatarURL string `json:"avatar_url"`
-}
-
-type githubTeam struct {
-	ID           int64              `json:"id"`
-	Slug         string             `json:"slug"`
-	Organization githubOrganization `json:"organization"`
-}
-
 func FetchUserProfile(ctx context.Context, accessToken string) (*githubUserProfile, error) {
 	var result githubUserProfile
 	err := makeGitHubRequest(ctx, accessToken, "user", &result)
@@ -70,44 +54,6 @@ func FetchUserProfile(ctx context.Context, accessToken string) (*githubUserProfi
 	return &result, nil
 }
 
-func FetchUserGroupInfos(ctx context.Context, accessToken string) (state.GroupInfoList, error) {
-	var (
-		infos state.GroupInfoList
-		orgs  []githubOrganization
-	)
-	err := makeGitHubRequest(ctx, accessToken, "user/orgs", &orgs)
-	if err != nil {
-		return nil, fmt.Errorf("failed to fetch user organizations: %w", err)
-	}
-	for _, org := range orgs {
-		infos = append(infos, state.GroupInfo{
-			ID:      fmt.Sprintf("github/org/%d", org.ID),
-			Name:    org.Login,
-			IconURL: &org.AvatarURL,
-		})
-	}
-
-	var teams []githubTeam
-	err = makeGitHubRequest(ctx, accessToken, "user/teams", &teams)
-	if err != nil {
-		return nil, fmt.Errorf("failed to fetch user teams: %w", err)
-	}
-	for _, team := range teams {
-		infos = append(infos, state.GroupInfo{
-			ID:      fmt.Sprintf("github/org/%d/team/%d", team.Organization.ID, team.ID),
-			Name:    fmt.Sprintf("%s/%s", team.Organization.Login, team.Slug),
-			IconURL: &team.Organization.AvatarURL,
-		})
-	}
-
-	// Sort groups by ID lexicographically
-	slices.SortFunc(infos, func(a, b state.GroupInfo) int {
-		return strings.Compare(a.ID, b.ID)
-	})
-
-	return infos, nil
-}
-
 func makeGitHubRequest(ctx context.Context, accessToken, path string, result any) error {
 	req, err := http.NewRequestWithContext(ctx, http.MethodGet, fmt.Sprintf("%s/%s", githubBaseURL, path), nil)
 	if err != nil {