Skip to content

feat: enable oauth2 token exchange #11609

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

feat: enable oauth2 token exchange #11609

wants to merge 1 commit into from

Conversation

code-asher
Copy link
Member

@code-asher code-asher commented Jan 13, 2024
edited
Loading

Closes #11084

Stacked manually so I can compare the experience to Graphite. Depends on:

TODO

  • /authorize static page
  • /authorize redirect
  • /tokens GET
  • /tokens DELETE (revoke)
  • Add endpoints for discoverability
  • Refresh auth grant flow
    • Disable auto-refresh on oauth-generated API keys
  • Hash secrets
  • Handle other auth styles
  • Handle no user agent for /authorize. Return text payload with href??
  • Audit logs
    • Create app
    • Delete app
    • Edit app
    • Revoke app?
    • Authorize app?
    • Token exchange
  • Allow admin to revoke an app for a user
  • Documentation
  • Could use an upsert for replacing the code

@code-asher code-asher force-pushed the asher/oauth2-exchange branch 8 times, most recently from 2e06e4d to 4601a22 Compare January 16, 2024 18:52
@code-asher code-asher marked this pull request as ready for review January 16, 2024 20:23
Parkreiner
Parkreiner reviewed Jan 17, 2024
View reviewed changes
Copy link
Member

@Parkreiner Parkreiner left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

TypeScript code looks good! Just had some suggestions/questions

@Emyrk - I'm not experienced enough in Go/SQL to give much feedback, but as long as those are good, this PR should be clear to approve

@github-actions GitHub Actions
Copy link

github-actions bot commented Jan 17, 2024
edited
Loading

✔️ PR 11609 Updated successfully.
🚀 Access the credentials here.

cc: @code-asher

Emyrk
Emyrk reviewed Jan 17, 2024
View reviewed changes
This was referenced Jan 19, 2024
Merged
Merged
Merged
@code-asher code-asher marked this pull request as draft January 19, 2024 23:29
@code-asher code-asher force-pushed the asher/oauth2-exchange branch from b7e55ef to c5cc825 Compare January 20, 2024 05:02
@code-asher code-asher changed the base branch from main to asher/oauth2-exchange-fe January 20, 2024 05:02
@code-asher code-asher force-pushed the asher/oauth2-exchange-fe branch from e3beb7d to 93f9d45 Compare January 20, 2024 05:03
@code-asher code-asher force-pushed the asher/oauth2-exchange branch from c5cc825 to 5e8b50a Compare January 20, 2024 05:05
@code-asher code-asher force-pushed the asher/oauth2-exchange-fe branch from 93f9d45 to dd339ea Compare January 20, 2024 05:21
@code-asher code-asher force-pushed the asher/oauth2-exchange branch from 5e8b50a to 4b796e5 Compare January 20, 2024 05:21
@code-asher code-asher force-pushed the asher/oauth2-exchange-fe branch 2 times, most recently from 0514f83 to 8dbae57 Compare January 23, 2024 18:56
@code-asher code-asher changed the title feat: add oauth2 token exchange feat: enable oauth2 token exchange Jan 23, 2024
@code-asher code-asher mentioned this pull request Jan 23, 2024
Closed
This was referenced Jan 23, 2024
Merged
Closed
@code-asher code-asher force-pushed the asher/oauth2-exchange-fe branch from 8dbae57 to 39ea464 Compare January 24, 2024 02:54
@code-asher code-asher force-pushed the asher/oauth2-exchange branch from 4b796e5 to d296fe4 Compare January 24, 2024 02:54
@code-asher code-asher force-pushed the asher/oauth2-exchange-fe branch from 39ea464 to fa0f800 Compare January 25, 2024 00:29
@code-asher code-asher force-pushed the asher/oauth2-exchange branch from d296fe4 to e7f6831 Compare January 25, 2024 00:30
@github-actions github-actions bot added the stale This issue is like stale bread. label Feb 2, 2024
@github-actions github-actions bot closed this Feb 5, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Emyrk Emyrk Emyrk left review comments

@Parkreiner Parkreiner Parkreiner left review comments

Assignees

@code-asher code-asher

Labels
stale This issue is like stale bread.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Allow Coder to be an OAuth provider
3 participants
@code-asher @Emyrk @Parkreiner