8000 docs: applications and authorization by mtojek · Pull Request #5477 · coder/coder · GitHub

docs: applications and authorization #5477


Merged
merged 15 commits into from
Dec 21, 2022
Merge branch 'main' into 3522-document-more-methods
mtojek committed Dec 20, 2022
commit 7c9002f3548c42236644ea56e8eea3b1e14c3483
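--- a/coderd/workspaceapps.go
+++ b/coderd/workspaceapps.go
@@ -569,6 +569,51 @@ func (api *API) verifyWorkspaceApplicationSubdomainAuth(rw http.ResponseWriter,
 return false
 }
 
+// setWorkspaceAppCookie sets a cookie on the workspace app domain. If the app
+// hostname cannot be parsed properly, a static error page is rendered and false
+// is returned.
+//
+// If an empty token is supplied, it will clear the cookie.
+func (api *API) setWorkspaceAppCookie(rw http.ResponseWriter, r *http.Request, token string) bool {
+hostSplit := strings.SplitN(api.AppHostname, ".", 2)
+if len(hostSplit) != 2 {
+// This should be impossible as we verify the app hostname on
+// startup, but we'll check anyways.
+api.Logger.Error(r.Context(), "could not split invalid app hostname", slog.F("hostname", api.AppHostname))
+site.RenderStaticErrorPage(rw, r, site.ErrorPageData{
+Status: http.StatusInternalServerError,
+Title: "Internal Server Error",
+Description: "The app is configured with an invalid app wildcard hostname. Please contact an administrator.",
+RetryEnabled: false,
+DashboardURL: api.AccessURL.String(),
+})
+return false
+}
+
+// Set the app cookie for all subdomains of api.AppHostname. This cookie is
+// handled properly by the ExtractAPIKey middleware.
+//
+// We don't set an expiration because the key in the database already has an
+// expiration.
+maxAge := 0
+if token == "" {
+maxAge = -1
+}
+cookieHost := "." + hostSplit[1]
+http.SetCookie(rw, &http.Cookie{
+Name: httpmw.DevURLSessionTokenCookie,
+Value: token,
+Domain: cookieHost,
+Path: "/",
+MaxAge: maxAge,
+HttpOnly: true,
+SameSite: http.SameSiteLaxMode,
+Secure: api.SecureAuthCookie,
+})
+
+return true
+}
+
 // @Summary Redirect to URI with encrypted API key
 // @ID redirect-to-uri-with-encrypted-api-key
 // @Security CoderSessionToken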
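Review bot: The cookie `Domain` in `setWorkspaceAppCookie` is built as `"." + hostSplit[1]`, everything after the first label of `api.AppHostname`, so the session token is sent to every host under that parent domain, yet the only guard is `len(hostSplit) != 2`. That check still passes when the remainder is empty (a hostname ending in its first dot would yield the domain `.`), and the function otherwise relies on startup validation that is not visible in this hunk. I would tighten the guard to `if len(hostSplit) != 2 || hostSplit[1] == "" {` and reword the comment above `maxAge` to match the code: `// Scope the cookie to the parent domain of api.AppHostname (everything after its first label); every host under it receives the token.` Because `Secure` follows `api.SecureAuthCookie`, the doc comment should presumably also state that the token travels over plain HTTP when that setting is off.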