safely return secrets

f0ssel · f0ssel · commit 24bdf1b21006 · 2022-10-24T18:52:24.000Z
diff --git a/cli/deployment/config.go b/cli/deployment/config.go
@@ -152,9 +152,10 @@ func newConfig() *codersdk.DeploymentConfig {
 			Default: 3,
 		},
 		PostgresURL: &codersdk.DeploymentConfigField[string]{
-			Name:  "Postgres Connection URL",
-			Usage: "URL of a PostgreSQL database. If empty, PostgreSQL binaries will be downloaded from Maven (https://repo1.maven.org/maven2) and store all data in the config root. Access the built-in database with \"coder server postgres-builtin-url\".",
-			Flag:  "postgres-url",
+			Name:   "Postgres Connection URL",
+			Usage:  "URL of a PostgreSQL database. If empty, PostgreSQL binaries will be downloaded from Maven (https://repo1.maven.org/maven2) and store all data in the config root. Access the built-in database with \"coder server postgres-builtin-url\".",
+			Flag:   "postgres-url",
+			Secret: true,
 		},
 		OAuth2: &codersdk.OAuth2Config{
 			Github: &codersdk.OAuth2GithubConfig{
@@ -164,9 +165,10 @@ func newConfig() *codersdk.DeploymentConfig {
 					Flag:  "oauth2-github-client-id",
 				},
 				ClientSecret: &codersdk.DeploymentConfigField[string]{
-					Name:  "OAuth2 GitHub Client Secret",
-					Usage: "Client secret for Login with GitHub.",
-					Flag:  "oauth2-github-client-secret",
+					Name:   "OAuth2 GitHub Client Secret",
+					Usage:  "Client secret for Login with GitHub.",
+					Flag:   "oauth2-github-client-secret",
+					Secret: true,
 				},
 				AllowedOrgs: &codersdk.DeploymentConfigField[[]string]{
 					Name:  "OAuth2 GitHub Allowed Orgs",
@@ -203,9 +205,10 @@ func newConfig() *codersdk.DeploymentConfig {
 				Flag:  "oidc-client-id",
 			},
 			ClientSecret: &codersdk.DeploymentConfigField[string]{
-				Name:  "OIDC Client Secret",
-				Usage: "Client secret to use for Login with OIDC.",
-				Flag:  "oidc-client-secret",
+				Name:   "OIDC Client Secret",
+				Usage:  "Client secret to use for Login with OIDC.",
+				Flag:   "oidc-client-secret",
+				Secret: true,
 			},
 			EmailDomain: &codersdk.DeploymentConfigField[string]{
 				Name:  "OIDC Email Domain",
@@ -334,6 +337,7 @@ func newConfig() *codersdk.DeploymentConfig {
 			Usage:      "Enables SCIM and sets the authentication header for the built-in SCIM server. New users are automatically created with OIDC authentication.",
 			Flag:       "scim-auth-header",
 			Enterprise: true,
+			Secret:     true,
 		},
 		UserWorkspaceQuota: &codersdk.DeploymentConfigField[int]{
 			Name:       "User Workspace Quota",
@@ -440,7 +444,7 @@ func NewViper() *viper.Viper {
 	vip.AutomaticEnv()
 	vip.SetEnvKeyReplacer(strings.NewReplacer("-", "_", ".", "_"))
 
-	setViperDefaults("", vip, &dc)
+	setViperDefaults("", vip, dc)
 
 	return vip
 }
diff --git a/codersdk/deploymentconfig.go b/codersdk/deploymentconfig.go
@@ -118,10 +118,30 @@ type DeploymentConfigField[T Flaggable] struct {
 	Shorthand  string `json:"shorthand"`
 	Enterprise bool   `json:"enterprise"`
 	Hidden     bool   `json:"hidden"`
+	Secret     bool   `json:"secret"`
 	Default    T      `json:"default"`
 	Value      T      `json:"value"`
 }
 
+// MarshalJSON removes the Value field from the JSON output of any fields marked Secret.
+// nolint: revive
+func (f *DeploymentConfigField[T]) MarshalJSON() ([]byte, error) {
+	if !f.Secret {
+		return json.Marshal(f)
+	}
+
+	return json.Marshal(DeploymentConfigField[T]{
+		Name:       f.Name,
+		Usage:      f.Usage,
+		Flag:       f.Flag,
+		Shorthand:  f.Shorthand,
+		Enterprise: f.Enterprise,
+		Hidden:     f.Hidden,
+		Secret:     f.Secret,
+		Default:    f.Default,
+	})
+}
+
 // DeploymentConfig returns the deployment config for the coder server.
 func (c *Client) DeploymentConfig(ctx context.Context) (DeploymentConfig, error) {
 	res, err := c.Request(ctx, http.MethodGet, "/api/v2/config/deployment", nil)
