in app/controllers/Login.scala [53:79]
private def checkGoogleGroupMembership(
userIdentity: UserIdentity
): EitherT[Future, Result, Unit] = {
groupChecker
.retrieveGroupsFor(userIdentity.email)
.attemptT
.leftMap({ t =>
val message =
s"Login failure, Could not look up Google groups for ${userIdentity.email}"
logger.warn(message, t)
redirectWithError(failureRedirectTarget, message)
})
.subflatMap { userGroups =>
{
if ((userGroups.intersect(googleGroupsToCheck)).nonEmpty) {
// user is in at least one of the Google groups
Right(())
} else {
val message =
s"Login failure. ${userIdentity.email} does not belong to the required Google groups: ${googleGroupsToCheck
.mkString(", ")}}"
logger.info(message)
Left(redirectWithError(failureRedirectTarget, message))
}
}
}