If you misconfigure authentication, say by misspelling "GITHUB_ORGANIZATION" or failing to provide this environment variable, then the default is for Samson to allow all GitHub users to authenticate to it.
This doesn't seem like a reasonable default and I believe the authentication should fail closed.
This was raised in #1062 but I'd like to reiterate the comments there. Opening authentication to all GitHub users should be an explicit setting, not implicit.
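
A sketch of the fail-closed behaviour requested above, added here as an illustration; it is not Samson's code and not part of the original issue. `GITHUB_ALLOW_ALL_USERS`, `github_auth_policy` and `AuthConfigError` are hypothetical names; only `GITHUB_ORGANIZATION` comes from the issue.

```ruby
# Added illustration; not Samson's code.
ORG_KEY  = "GITHUB_ORGANIZATION"
OPEN_KEY = "GITHUB_ALLOW_ALL_USERS" # hypothetical explicit opt-in

class AuthConfigError < StandardError; end

# Levenshtein edit distance, used to spot near-miss variable names.
def edit_distance(a, b)
  prev = (0..b.length).to_a
  a.each_char.with_index(1) do |ca, i|
    cur = [i]
    b.each_char.with_index(1) do |cb, j|
      cost = ca == cb ? 0 : 1
      cur << [prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost].min
    end
    prev = cur
  end
  prev.last
end

# Returns the login policy for the given environment hash.
# Raises instead of silently admitting every GitHub user when the
# organization restriction is missing, blank, or misspelled.
# If both variables are set, the organization restriction wins.
def github_auth_policy(env)
  org = env[ORG_KEY].to_s.strip
  return { mode: :organization, organization: org } unless org.empty?
  return { mode: :any_github_user } if env[OPEN_KEY] == "true"

  # Any variable within two edits of the expected name is likely a typo.
  typos = env.keys.select { |k| k != ORG_KEY && edit_distance(k, ORG_KEY) <= 2 }
  hint = typos.empty? ? "" : " (found #{typos.join(', ')}; did you mean #{ORG_KEY}?)"
  raise AuthConfigError,
        "#{ORG_KEY} is not set#{hint}; set it, or set #{OPEN_KEY}=true to allow all GitHub users"
end
```

Calling this once at boot with `ENV.to_h` turns a misspelled or missing variable into a startup failure rather than an open login page.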