Skip to content

fix: refresh all oauth links on external auth page #11646

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
Jan 16, 2024
Merged

fix: refresh all oauth links on external auth page #11646

Changes from 1 commit
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
a24601b
add unit test to verify refresh all
Emyrk Jan 12, 2024
d923cfc
linting
Emyrk Jan 16, 2024
740f305
fix: refresh all oauth links on external auth page
Emyrk Jan 12, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Next Next commit
add unit test to verify refresh all
  • Loading branch information
@Emyrk
Emyrk committed Jan 16, 2024
commit a24601ba1bf078084562e9f18c4bbd946a563f4e
62 changes: 62 additions & 0 deletions coderd/externalauth_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,8 @@ import (

"github.com/coder/coder/v2/coderd/coderdtest"
"github.com/coder/coder/v2/coderd/coderdtest/oidctest"
"github.com/coder/coder/v2/coderd/database"
"github.com/coder/coder/v2/coderd/database/dbauthz"
"github.com/coder/coder/v2/coderd/database/dbtime"
"github.com/coder/coder/v2/coderd/externalauth"
"github.com/coder/coder/v2/coderd/httpapi"
Expand Down Expand Up @@ -198,6 +200,66 @@ func TestExternalAuthManagement(t *testing.T) {
require.Len(t, list.Providers, 2)
require.Len(t, list.Links, 0)
})
t.Run("RefreshAllProviders", func(t *testing.T) {
t.Parallel()
const githubID = "fake-github"
const gitlabID = "fake-gitlab"

githubCalled := false
githubApp := oidctest.NewFakeIDP(t, oidctest.WithServing(), oidctest.WithRefresh(func(email string) error {
githubCalled = true
return nil
}))
gitlabCalled := false
gitlab := oidctest.NewFakeIDP(t, oidctest.WithServing(), oidctest.WithRefresh(func(email string) error {
gitlabCalled = true
return nil
}))

owner, db := coderdtest.NewWithDatabase(t, &coderdtest.Options{
ExternalAuthConfigs: []*externalauth.Config{
githubApp.ExternalAuthConfig(t, githubID, nil, func(cfg *externalauth.Config) {
cfg.Type = codersdk.EnhancedExternalAuthProviderGitHub.String()
}),
gitlab.ExternalAuthConfig(t, gitlabID, nil, func(cfg *externalauth.Config) {
cfg.Type = codersdk.EnhancedExternalAuthProviderGitLab.String()
}),
},
})
ownerUser := coderdtest.CreateFirstUser(t, owner)
// Just a regular user
client, user := coderdtest.CreateAnotherUser(t, owner, ownerUser.OrganizationID)
ctx := testutil.Context(t, testutil.WaitLong)

// Log into github & gitlab
githubApp.ExternalLogin(t, client)
gitlab.ExternalLogin(t, client)

links, err := db.GetExternalAuthLinksByUserID(
dbauthz.As(ctx, coderdtest.AuthzUserSubject(user, ownerUser.OrganizationID)), user.ID)
require.NoError(t, err)
require.Len(t, links, 2)

// Expire the links
for _, l := range links {
_, err := db.UpdateExternalAuthLink(dbauthz.As(ctx, coderdtest.AuthzUserSubject(user, ownerUser.OrganizationID)), database.UpdateExternalAuthLinkParams{
ProviderID: l.ProviderID,
UserID: l.UserID,
UpdatedAt: dbtime.Now(),
OAuthAccessToken: l.OAuthAccessToken,
OAuthRefreshToken: l.OAuthRefreshToken,
OAuthExpiry: time.Now().Add(time.Hour * -1),
OAuthExtra: l.OAuthExtra,
})
require.NoErrorf(t, err, "expire key for %s", l.ProviderID)
}

list, err := client.ListExternalAuths(ctx)
require.NoError(t, err)
require.Len(t, list.Links, 2)
require.True(t, githubCalled, "github should be refreshed")
require.True(t, gitlabCalled, "gitlab should be refreshed")
})
}

func TestExternalAuthDevice(t *testing.T) {
Expand Down