8000 Add OAuth2 app filtering by user · coder/coder@8f54132 · GitHub


Commit 8f54132

committed
Add OAuth2 app filtering by user
1 parent 90c8817 commit 8f54132


3 files changed

+67
-6
lines changed


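--- a/codersdk/oauth2.go
+++ b/codersdk/oauth2.go
@@ -28,10 +28,21 @@ type OAuth2AppEndpoints struct {
 DeviceAuth string `json:"device_authorization"`
 }
 
+type OAuth2ProviderAppFilter struct {
+UserID uuid.UUID `json:"user_id,omitempty" format:"uuid"`
+}
+
 // OAuth2ProviderApps returns the applications configured to authenticate using
 // Coder as an OAuth2 provider.
-func (c *Client) OAuth2ProviderApps(ctx context.Context) ([]OAuth2ProviderApp, error) {
-res, err := c.Request(ctx, http.MethodGet, "/api/v2/oauth2-provider/apps", nil)
+func (c *Client) OAuth2ProviderApps(ctx context.Context, filter OAuth2ProviderAppFilter) ([]OAuth2ProviderApp, error) {
+res, err := c.Request(ctx, http.MethodGet, "/api/v2/oauth2-provider/apps", nil,
+func(r *http.Request) {
+if filter.UserID != uuid.Nil {
+q := r.URL.Query()
+q.Set("user_id", filter.UserID.String())
+r.URL.RawQuery = q.Encode()
+}
+})
 if err != nil {
 return []OAuth2ProviderApp{}, err
 }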
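Review bot: The new exported type `OAuth2ProviderAppFilter` has no doc comment, and the comment on `OAuth2ProviderApps` does not mention the filter or that a zero `UserID` leaves the request unfiltered. I would add `// OAuth2ProviderAppFilter narrows the apps returned by OAuth2ProviderApps; a zero UserID applies no filter.` above the struct and one sentence on the filter to the method comment. Since `user_id` is chosen by the caller, it is also worth stating there that whether one user may list another user's authorized apps is decided by the server and not by this client. The body of `OAuth2ProviderApps` continues past the end of the hunk.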

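--- a/enterprise/coderd/oauth2.go
+++ b/enterprise/coderd/oauth2.go
@@ -2,6 +2,7 @@ package coderd
 
 import (
 "crypto/sha256"
+"fmt"
 "net/http"
 
 "github.com/google/uuid"
@@ -45,15 +46,47 @@ func (api *API) oAuth2ProviderMiddleware(next http.Handler) http.Handler {
 // @Security CoderSessionToken
 // @Produce json
 // @Tags Enterprise
+// @Param user_id query string false "Filter by applications authorized for a user"
 // @Success 200 {array} codersdk.OAuth2ProviderApp
 // @Router /oauth2-provider/apps [get]
 func (api *API) oAuth2ProviderApps(rw http.ResponseWriter, r *http.Request) {
 ctx := r.Context()
-dbApps, err := api.Database.GetOAuth2ProviderApps(ctx)
+
+rawUserID := r.URL.Query().Get("user_id")
+if rawUserID == "" {
+dbApps, err := api.Database.GetOAuth2ProviderApps(ctx)
+if err != nil {
+httpapi.InternalServerError(rw, err)
+return
+}
+httpapi.Write(ctx, rw, http.StatusOK, db2sdk.OAuth2ProviderApps(api.AccessURL, dbApps))
+return
+}
+
+userID, err := uuid.Parse(rawUserID)
+if err != nil {
+httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{
+Message: "Invalid user UUID",
+Detail: fmt.Sprintf("queried user_id=%q", userID),
+})
+return
+}
+
+userApps, err := api.Database.GetOAuth2ProviderAppsByUserID(ctx, userID)
 if err != nil {
 httpapi.InternalServerError(rw, err)
 return
 }
+
+var dbApps []database.OAuth2ProviderApp
+for _, app := range userApps {
+dbApps = append(dbApps, database.OAuth2ProviderApp{
+ID: app.OAuth2ProviderApp.ID,
+Name: app.OAuth2ProviderApp.Name,
+CallbackURL: app.OAuth2ProviderApp.CallbackURL,
+Icon: app.OAuth2ProviderApp.Icon,
+})
+}
 httpapi.Write(ctx, rw, http.StatusOK, db2sdk.OAuth2ProviderApps(api.AccessURL, dbApps))
 }
 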
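Review bot: In the `uuid.Parse` error branch of `oAuth2ProviderApps`, `Detail` formats `userID`, which on failure is not the value the caller sent, so the 400 response hides the offending input; the line should read `Detail: fmt.Sprintf("queried user_id=%q", rawUserID),`. Separately, the handler passes any caller-supplied `user_id` to `GetOAuth2ProviderAppsByUserID` with no visible check that the requester is that user or is allowed to read that user's authorizations. If that check is not enforced in the database authorization layer (not shown on this page), one user could learn which apps another user has authorized, so the expected policy deserves a comment above the call. The copy loop also keeps only `ID`, `Name`, `CallbackURL` and `Icon`, so any other field the unfiltered path returns is zeroed here; assuming `app.OAuth2ProviderApp` is already a `database.OAuth2ProviderApp`, `dbApps = append(dbApps, app.OAuth2ProviderApp)` would keep the two paths consistent.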

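--- a/enterprise/coderd/oauth2_test.go
+++ b/enterprise/coderd/oauth2_test.go
@@ -188,7 +188,7 @@ func TestOAuth2ProviderApps(t *testing.T) {
 ctx := testutil.Context(t, testutil.WaitLong)
 
 // No apps yet.
-apps, err := another.OAuth2ProviderApps(ctx)
+apps, err := another.OAuth2ProviderApps(ctx, codersdk.OAuth2ProviderAppFilter{})
 require.NoError(t, err)
 require.Len(t, apps, 0)
 
@@ -200,7 +200,7 @@ func TestOAuth2ProviderApps(t *testing.T) {
 }
 
 // Should get all the apps now.
-apps, err = another.OAuth2ProviderApps(ctx)
+apps, err = another.OAuth2ProviderApps(ctx, codersdk.OAuth2ProviderAppFilter{})
 require.NoError(t, err)
 require.Len(t, apps, 5)
 require.Equal(t, expectedOrder, apps)
@@ -244,12 +244,29 @@ func TestOAuth2ProviderApps(t *testing.T) {
 require.NoError(t, err)
 
 // Should show the new count.
-newApps, err := another.OAuth2ProviderApps(ctx)
+newApps, err := another.OAuth2ProviderApps(ctx, codersdk.OAuth2ProviderAppFilter{})
 require.NoError(t, err)
 require.Len(t, newApps, 4)
 
 require.Equal(t, expectedOrder[1:], newApps)
 })
+
+t.Run("ByUser", func(t *testing.T) {
+t.Parallel()
+client, owner := coderdenttest.New(t, &coderdenttest.Options{LicenseOptions: &coderdenttest.LicenseOptions{
+Features: license.Features{
+codersdk.FeatureOAuth2Provider: 1,
+},
+}})
+another, user := coderdtest.CreateAnotherUser(t, client, owner.OrganizationID)
+ctx := testutil.Context(t, testutil.WaitLong)
+_ = generateApps(ctx, t, client, "by-user")
+apps, err := another.OAuth2ProviderApps(ctx, codersdk.OAuth2ProviderAppFilter{
+UserID: user.ID,
+})
+require.NoError(t, err)
+require.Len(t, apps, 0)
+})
 }
 
 func TestOAuth2ProviderAppSecrets(t *testing.T) {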
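Review bot: The new `ByUser` subtest only asserts that a user with no authorizations gets an empty list, so it would still pass if the filtered query always returned nothing. It never covers a user who has actually authorized an app, nor a request where the caller and the `UserID` in the filter are different users. I would add a case where a user with at least one authorized app gets exactly that app back, and a case where one non-owner client passes another user's ID, asserting whatever access policy is intended for the new `user_id` parameter. A raw request with a malformed `user_id` that expects a 400 would also cover the new error branch in the handler.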
