
fix: refresh all oauth links on external auth page #11605


Closed
add unit test to verify refresh all
Emyrk committed Jan 12, 2024
commit beb2e587fae0994ac0139c42807e6d7e459fadec
62 changes: 62 additions & 0 deletions coderd/externalauth_test.go
@@ -18,6 +18,8 @@ import (

"github.com/coder/coder/v2/coderd/coderdtest"
"github.com/coder/coder/v2/coderd/coderdtest/oidctest"
"github.com/coder/coder/v2/coderd/database"
"github.com/coder/coder/v2/coderd/database/dbauthz"
"github.com/coder/coder/v2/coderd/database/dbtime"
"github.com/coder/coder/v2/coderd/externalauth"
"github.com/coder/coder/v2/coderd/httpapi"
@@ -198,6 +200,66 @@ func TestExternalAuthManagement(t *testing.T) {
require.Len(t, list.Providers, 2)
require.Len(t, list.Links, 0)
})
t.Run("RefreshAllProviders", func(t *testing.T) {
t.Parallel()
const githubID = "fake-github"
const gitlabID = "fake-gitlab"

githubCalled := false
githubApp := oidctest.NewFakeIDP(t, oidctest.WithServing(), oidctest.WithRefresh(func(email string) error {
githubCalled = true
return nil
}))
gitlabCalled := false
gitlab := oidctest.NewFakeIDP(t, oidctest.WithServing(), oidctest.WithRefresh(func(email string) error {
gitlabCalled = true
return nil
}))

owner, db := coderdtest.NewWithDatabase(t, &coderdtest.Options{
ExternalAuthConfigs: []*externalauth.Config{
githubApp.ExternalAuthConfig(t, githubID, nil, func(cfg *externalauth.Config) {
cfg.Type = codersdk.EnhancedExternalAuthProviderGitHub.String()
}),
gitlab.ExternalAuthConfig(t, gitlabID, nil, func(cfg *externalauth.Config) {
cfg.Type = codersdk.EnhancedExternalAuthProviderGitLab.String()
}),
},
})
ownerUser := coderdtest.CreateFirstUser(t, owner)
// Just a regular user
client, user := coderdtest.CreateAnotherUser(t, owner, ownerUser.OrganizationID)
ctx := testutil.Context(t, testutil.WaitLong)

// Log into github & gitlab
githubApp.ExternalLogin(t, client)
gitlab.ExternalLogin(t, client)

links, err := db.GetExternalAuthLinksByUserID(
dbauthz.As(ctx, coderdtest.AuthzUserSubject(user, ownerUser.OrganizationID)), user.ID)
require.NoError(t, err)
require.Len(t, links, 2)

// Expire the links
for _, l := range links {
_, err := db.UpdateExternalAuthLink(dbauthz.As(ctx, coderdtest.AuthzUserSubject(user, ownerUser.OrganizationID)), database.UpdateExternalAuthLinkParams{
ProviderID: l.ProviderID,
UserID: l.UserID,
UpdatedAt: dbtime.Now(),
OAuthAccessToken: l.OAuthAccessToken,
OAuthRefreshToken: l.OAuthRefreshToken,
OAuthExpiry: time.Now().Add(time.Hour * -1),
OAuthExtra: l.OAuthExtra,
})
require.NoErrorf(t, err, "expire key for %s", l.ProviderID)
}

list, err := client.ListExternalAuths(ctx)
require.NoError(t, err)
require.Len(t, list.Links, 2)
require.True(t, githubCalled, "github should be refreshed")
require.True(t, gitlabCalled, "gitlab should be refreshed")
})
}

func TestExternalAuthDevice(t *testing.T) {
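Review bot: The RefreshAllProviders subtest only asserts that each fake IdP's refresh hook fired (`githubCalled`, `gitlabCalled`); it never checks that the refreshed tokens were stored, so a regression that contacts the provider but leaves the expired link in the database would still pass. After `client.ListExternalAuths(ctx)`, re-read the links with `db.GetExternalAuthLinksByUserID` and assert for each one `require.Truef(t, l.OAuthExpiry.After(dbtime.Now()), "link %s still expired", l.ProviderID)`, assuming the fake IdP issues a token with a future expiry on refresh. If the `WithRefresh` callback runs on the fake IdP's server goroutine, which this hunk does not show, the two plain bool flags are written and read without synchronisation, and `atomic.Bool` would keep the test clean under `-race`. In the expire loop, `OAuthExpiry` uses `time.Now()` while `UpdatedAt` uses `dbtime.Now()`; using `dbtime.Now().Add(-time.Hour)` for the expiry would keep the two timestamps consistent.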