Skip to content

Commit

Permalink
Merge pull request #759 from github/bss-mc-2fa-ent-graphql-examples
Browse files Browse the repository at this point in the history
Create `.graphql` files for checking 2FA status of enterprise members…
  • Loading branch information
bss-mc authored Nov 26, 2024
2 parents 5717604 + c390d9b commit e5d5c0f
Show file tree
Hide file tree
Showing 6 changed files with 159 additions and 0 deletions.
28 changes: 28 additions & 0 deletions graphql/queries/enterprise-members-2fa-disabled.graphql
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
# This GraphQL query will list any enterprise members who have yet to enable 2FA on their personal GitHub account.
# This does not list any outside collaborators, and will not work with Enterprise Managed Users other than the setup user.

query GetEnterpriseMembersWith2faDisabled {
enterprise(slug: "ENTERPRISE_SLUG") {
enterprise_id: id
enterprise_slug: slug
members_with_no_2fa: members(
first: 100
twoFactorMethodSecurity: DISABLED
) {
num_of_members: totalCount
edges {
node {
... on EnterpriseUserAccount {
login
}
}
}
pageInfo {
endCursor
startCursor
hasNextPage
hasPreviousPage
}
}
}
}
28 changes: 28 additions & 0 deletions graphql/queries/enterprise-members-2fa-insecure.graphql
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
# This GraphQL query will list any enterprise members who have enabled 2FA on their GitHub account, but amongst their 2FA methods is SMS (which is deemed insecure).

This comment has been minimized.

Copy link
@Izackebe

Izackebe Nov 28, 2024

Kurde nie znam się ...

# This does not list any outside collaborators, and will not work with Enterprise Managed Users other than the setup user.

query GetEnterpriseMembersWithInsecure2fa {
enterprise(slug: "ENTERPRISE_SLUG") {
enterprise_id: id
enterprise_slug: slug
members_with_insecure_2fa: members(
first: 100
twoFactorMethodSecurity: INSECURE
) {
num_of_members: totalCount
edges {
node {
... on EnterpriseUserAccount {
login
}
}
}
pageInfo {
endCursor
startCursor
hasNextPage
hasPreviousPage
}
}
}
}
28 changes: 28 additions & 0 deletions graphql/queries/enterprise-members-2fa-secure.graphql
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
# This GraphQL query will list any enterprise members who have enabled 2FA on their GitHub account with a secure (non-SMS) method.
# This does not list any outside collaborators, and will not work with Enterprise Managed Users other than the setup user.

query GetEnterpriseMembersWithSecure2fa {
enterprise(slug: "ENTERPRISE_SLUG") {
enterprise_id: id
enterprise_slug: slug
members_with_secure_2fa: members(
first: 100
twoFactorMethodSecurity: SECURE
) {
num_of_members: totalCount
edges {
node {
... on EnterpriseUserAccount {
login
}
}
}
pageInfo {
endCursor
startCursor
hasNextPage
hasPreviousPage
}
}
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
# This GraphQL query will list any outside collaborators in an enterprise who have yet to enable 2FA on their GitHub account.

query GetEnterpriseollaboratorsWith2faDisabled {
enterprise(slug: "ENTERPRISE_SLUG") {
enterprise_id: id
enterprise_slug: slug
enterprise_owner_info: ownerInfo {
collaborators_with_no_2fa: outsideCollaborators(
twoFactorMethodSecurity: DISABLED
first: 100
) {
num_of_collaborators: totalCount
nodes {
login
}
pageInfo {
endCursor
startCursor
hasNextPage
hasPreviousPage
}
}
}
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
# This GraphQL query will list any outside collaborators in an enterprise who have enabled 2FA on their GitHub account, but amongst the 2FA methods is SMS (which is deemed insecure).

query GetEnterpriseCollaboratorsWithInsecure2fa {
enterprise(slug: "ENTERPRISE_SLUG") {
enterprise_id: id
enterprise_slug: slug
enterprise_owner_info: ownerInfo {
collaborators_with_insecure_2fa: outsideCollaborators(
twoFactorMethodSecurity: INSECURE
first: 100
) {
num_of_collaborators: totalCount
nodes {
login
}
pageInfo {
endCursor
startCursor
hasNextPage
hasPreviousPage
}
}
}
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
# This GraphQL query will list any outside collaborators in an enterprise who have enabled 2FA on their GitHub account with a secure (non-SMS) method.

query GetEnterpriseCollaboratorsWithSecure2fa {
enterprise(slug: "ENTERPRISE_SLUG") {
enterprise_id: id
enterprise_slug: slug
enterprise_owner_info: ownerInfo {
collaborators_with_secure_2fa: outsideCollaborators(
twoFactorMethodSecurity: SECURE
first: 100
) {
num_of_collaborators: totalCount
nodes {
login
}
pageInfo {
endCursor
startCursor
hasNextPage
hasPreviousPage
}
}
}
}
}

0 comments on commit e5d5c0f

Please sign in to comment.