我们如何知道用户通过api从github中的默认图片更改了个人资料图片

I'm working on a script to audit Github. so in that process im trying to find a way to know if the GitHub user in my organization has changed their profile picture from the default profile picture.

Im working with the go-github package to access Github. https://github.com/google/go-github/blob/ababee01b03f69965d0ec370e65b61ec7967be34/github/users.go

Currently, I can get the list of users from ListMembers method and GetAvatarURL gets organization users profile image. But I can't get any differentiation from default github image and the user changed image.

Following is the default image ima talking about.

enter image description here

I get the AvatarURL like https://avatars0.githubusercontent.com/u/XXXXXX?v=4 This is the same for default and for images uploaded by the users. only change is the host server of the images like avatars1, avatars2, avatars3 & avatars4.

Is there any other way to find the difference?

1个回答

One way to do this is to get some information about the images using tools like ImageMagick

After checking the Github auto-generated identicons, there are 2 check that would be interesting :

  • check that the image has 2 unique colors :

    identify -format %k  github_avatar.png
    

output:

2
  • one of this color is grey-ish F0F0F0

    convert github_avatar.png -colors 2 \
        -format "%c" histogram:info: | \
        cut -d'#' -f2 | cut -d' ' -f1
    

output:

D65193
F0F0F0

identify and convert tools are part of ImageMagick

The following code use to fetch 50 members of an organization and check each avatarURL with the 2 checks above :

package main
import (
    "github.com/google/go-github/github"
    "fmt"
    "context"
    "os/exec"
    "strconv"
    "strings"
)

func main() {
    client := github.NewClient(nil)
    opt := &github.ListMembersOptions{
        ListOptions: github.ListOptions{PerPage: 50},
    }
    members, _, err := client.Organizations.ListMembers(context.Background(), "IBM", opt)
    if err != nil {
        println(err.Error())
        return
    }
    max := 50
    for i := 0; i < max; i++ {
        identify_cmd := fmt.Sprintf("identify -format %%k %s",*members[i].AvatarURL)
        cmd := exec.Command("bash", "-c",identify_cmd)
        stdout, err := cmd.Output()
        if err != nil {
            println(err.Error())
        } else {
            color_unique, err := strconv.Atoi(string(stdout))
            if err != nil {
                println(err.Error())
            }
            //check that the thumbnail has exactly 2 unique colors
            if (color_unique == 2) {
                //check that the thumbnail has F0F0F0 among those 2 colors
                convert_cmd := fmt.Sprintf("convert %s -colors 2 -format \"%%c\" histogram:info: | cut -d'#' -f2 | cut -d' ' -f1",*members[i].AvatarURL)
                cmd := exec.Command("bash","-c",convert_cmd)
                stdout, err := cmd.Output()
                if err != nil {
                    println(err.Error())
                } else {
                    colors:=strings.Split(string(stdout),"
")
                    has_color:=false
                    for i := 0; i < len(colors); i++ {
                        if (colors[i] == "F0F0F0") {
                            has_color = true
                            break
                        }
                    }
                    if (has_color) {
                        fmt.Printf("[%v/%v] user %v has not set her/his thumbnail image (%v)
",i+1,max,*members[i].HTMLURL,*members[i].AvatarURL)
                    } else {
                        fmt.Printf("[%v/%v] the thumbnail for user %v has 2 unique color but none of them is F0F0F0 (%v)
",i+1,max,*members[i].HTMLURL,*members[i].AvatarURL)
                    }
                }
            } else {
                fmt.Printf("[%v/%v] %v is not a default thumbnail
",i+1,max,*members[i].AvatarURL)
            }
        }
    }
}

Note: In order to pass URL to the tools instead of regular files, I had to edit the file under /etc/ImageMagick-6/policy.xml commenting https policy but you can modify the code to download the avatar image yourself if needed

dongzhiman2162
dongzhiman2162 哇!! 逻辑很好。 @Bertrand我将尝试使用我的脚本进行检查,并及时通知您。
12 个月之前 回复
Csdn user default icon
上传中...
上传图片
插入图片
抄袭、复制答案,以达到刷声望分或其他目的的行为,在CSDN问答是严格禁止的,一经发现立刻封号。是时候展现真正的技术了!
立即提问