fix: do not require client_secret for external auth providers (#10016)

kylecarbs · web-flow · commit eeab33b1c392 · 2023-10-03T14:29:34.000Z
Device-based auth does not need a client secret.
diff --git a/coderd/externalauth/externalauth.go b/coderd/externalauth/externalauth.go
@@ -383,9 +383,6 @@ func ConvertConfig(entries []codersdk.ExternalAuthConfig, accessURL *url.URL) ([
 		if entry.ClientID == "" {
 			return nil, xerrors.Errorf("%q external auth provider: client_id must be provided", entry.ID)
 		}
-		if entry.ClientSecret == "" {
-			return nil, xerrors.Errorf("%q external auth provider: client_secret must be provided", entry.ID)
-		}
 
 		_, exists := ids[entry.ID]
 		if exists {

Original file line number	Diff line number	Diff line change
`@@ -383,9 +383,6 @@ func ConvertConfig(entries []codersdk.ExternalAuthConfig, accessURL *url.URL) ([`
`383`	`383`	`if entry.ClientID == "" {`
`384`	`384`	`return nil, xerrors.Errorf("%q external auth provider: client_id must be provided", entry.ID)`
`385`	`385`	`}`
`386`		`- if entry.ClientSecret == "" {`
`387`		`- return nil, xerrors.Errorf("%q external auth provider: client_secret must be provided", entry.ID)`
`388`		`- }`
`389`	`386`
`390`	`387`	`_, exists := ids[entry.ID]`
`391`	`388`	`if exists {`