From 83f72546989d71633a4be3008548910ece76798e Mon Sep 17 00:00:00 2001
From: Steven Masley
Date: Mon, 26 Feb 2024 12:10:23 -0600
Subject: [PATCH 1/2] feat: external auth defaults for gitea

Add some sane defaults for gitea to make it easier to configure
---
 coderd/externalauth/externalauth.go | 34 +++++++++++++++++++++++++++++
 codersdk/externalauth.go | 4 +++-
 docs/admin/external-auth.md | 11 ++++++++++
 site/src/api/typesGenerated.ts | 2 ++
 site/static/icon/gitea.svg | 12 ++++++++++
 5 files changed, 62 insertions(+), 1 deletion(-)
 create mode 100644 site/static/icon/gitea.svg
diff --git a/coderd/externalauth/externalauth.go b/coderd/externalauth/externalauth.go
index 5ab113ede59e0..b6c14fa180921 100644
--- a/coderd/externalauth/externalauth.go
+++ b/coderd/externalauth/externalauth.go
@@ -566,6 +566,9 @@ func applyDefaultsToConfig(config *codersdk.ExternalAuthConfig) {
 case codersdk.EnhancedExternalAuthProviderJFrog:
 copyDefaultSettings(config, jfrogArtifactoryDefaults(config))
 return
+ case codersdk.EnhancedExternalAuthProviderGitea:
+ copyDefaultSettings(config, giteaDefaults(config))
+ return
 default:
 // No defaults for this type. We still want to run this apply with
 // an empty set of defaults.
@@ -696,6 +699,37 @@ func jfrogArtifactoryDefaults(config *codersdk.ExternalAuthConfig) codersdk.Exte
 return defaults
 }
+func giteaDefaults(config *codersdk.ExternalAuthConfig) codersdk.ExternalAuthConfig {
+ defaults := codersdk.ExternalAuthConfig{
+ DisplayName: "Gitea",
+ Scopes: []string{"read:repository", " write:repository", "read:user"},
+ DisplayIcon: "/icon/gitea.svg",
+ }
+ // Gitea's servers will have some base url, e.g: https://gitea.coder.com.
+ // If an auth url is not set, we will assume they are using the default
+ // public Gitea.
+ if config.AuthURL == "" {
+ config.AuthURL = "https://gitea.com/login/oauth/authorize"
+ }
+
+ auth, err := url.Parse(config.AuthURL)
+ if err != nil {
+ // We need a valid URL to continue with.
+ return defaults
+ }
+
+ // Default regex should be anything using the same host as the auth url.
+ defaults.Regex = fmt.Sprintf(`^(https?://)?%s(/.*)?$`, strings.ReplaceAll(auth.Host, ".", `\.`))
+
+ tokenURL := auth.ResolveReference(&url.URL{Path: "/login/oauth/access_token"})
+ defaults.TokenURL = tokenURL.String()
+
+ validate := auth.ResolveReference(&url.URL{Path: "/login/oauth/userinfo"})
+ defaults.ValidateURL = validate.String()
+
+ return defaults
+}
+
 var staticDefaults = map[codersdk.EnhancedExternalAuthProvider]codersdk.ExternalAuthConfig{
 codersdk.EnhancedExternalAuthProviderAzureDevops: {
 AuthURL: "https://app.vssps.visualstudio.com/oauth2/authorize",
diff --git a/codersdk/externalauth.go b/codersdk/externalauth.go
index d0b48c1a058fe..b4013e70ad131 100644
--- a/codersdk/externalauth.go
+++ b/codersdk/externalauth.go
@@ -24,7 +24,8 @@ func (e EnhancedExternalAuthProvider) Git() bool {
 EnhancedExternalAuthProviderGitLab,
 EnhancedExternalAuthProviderBitBucketCloud,
 EnhancedExternalAuthProviderBitBucketServer,
- EnhancedExternalAuthProviderAzureDevops:
+ EnhancedExternalAuthProviderAzureDevops,
+ EnhancedExternalAuthProviderGitea:
 return true
 default:
 return false
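Review bot: In `giteaDefaults` (coderd/externalauth/externalauth.go) the second default scope is written `" write:repository"` with a leading space inside the string literal, so the value requested is not the literal `write:repository`; the line should read `Scopes: []string{"read:repository", "write:repository", "read:user"},`. The default `Regex` decides which repository URLs this provider's token is offered for, and it is built by escaping only `.` in `auth.Host`; `regexp.QuoteMeta(auth.Host)` escapes every metacharacter (the brackets of an IPv6 literal, for example), provided `regexp` is or can be imported in this file, which the hunk does not show. An `AuthURL` that parses without error but has an empty host (a value missing its scheme, say) still yields a host-less pattern and host-less token and validate URLs, so the guard would be safer as `if err != nil || auth.Host == "" { return defaults }`. The function also assigns `config.AuthURL` on the caller's struct, which deserves a doc comment above `giteaDefaults` stating that it fills in the public gitea.com authorize URL when none is configured.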
@@ -41,6 +42,7 @@ const ( EnhancedExternalAuthProviderBitBucketServer EnhancedExternalAuthProvider = "bitbucket-server" EnhancedExternalAuthProviderSlack EnhancedExternalAuthProvider = "slack" EnhancedExternalAuthProviderJFrog EnhancedExternalAuthProvider = "jfrog" + EnhancedExternalAuthProviderGitea EnhancedExternalAuthProvider = "gitea" ) type ExternalAuth struct { diff --git a/docs/admin/external-auth.md b/docs/admin/external-auth.md index cab2cc0a5a3ce..ce14f97281073 100644 --- a/docs/admin/external-auth.md +++ b/docs/admin/external-auth.md @@ -124,6 +124,17 @@ CODER_EXTERNAL_AUTH_0_TOKEN_URL="https://gitlab.company.org/oauth/token" CODER_EXTERNAL_AUTH_0_REGEX=gitlab\.company\.org ``` +### Gitea + +```env +CODER_EXTERNAL_AUTH_0_ID="gitea" +CODER_EXTERNAL_AUTH_0_TYPE=gitea +CODER_EXTERNAL_AUTH_0_CLIENT_ID=xxxxxxx +CODER_EXTERNAL_AUTH_0_CLIENT_SECRET=xxxxxxx +# If self managed, set the Auth URL to your Gitea instance +CODER_EXTERNAL_AUTH_0_AUTH_URL="https://gitea.com/login/oauth/authorize" +``` + ### Self-managed git providers Custom authentication and token URLs should be used for self-managed Git diff --git a/site/src/api/typesGenerated.ts b/site/src/api/typesGenerated.ts index c24005c754775..1e27e3c980e23 100644 --- a/site/src/api/typesGenerated.ts +++ b/site/src/api/typesGenerated.ts @@ -2005,6 +2005,7 @@ export type EnhancedExternalAuthProvider = | "azure-devops" | "bitbucket-cloud" | "bitbucket-server" + | "gitea" | "github" | "gitlab" | "jfrog" @@ -2013,6 +2014,7 @@ export const EnhancedExternalAuthProviders: EnhancedExternalAuthProvider[] = [ "azure-devops", "bitbucket-cloud", "bitbucket-server", + "gitea", "github", "gitlab", "jfrog", diff --git a/site/static/icon/gitea.svg b/site/static/icon/gitea.svg new file mode 100644 index 0000000000000..797d894bc2657 --- /dev/null +++ b/site/static/icon/gitea.svg @@ -0,0 +1,12 @@ + + + + + + + + + + + + \ No newline at end of file From 819ff1a8bc9d2739d9bf86a03e3781080d18dc45 Mon Sep 17 00:00:00 2001 
From: Steven Masley Date: Mon, 26 Feb 2024 12:14:17 -0600 Subject: [PATCH 2/2] make gen --- site/src/theme/icons.json | 1 + 1 file changed, 1 insertion(+) diff --git a/site/src/theme/icons.json b/site/src/theme/icons.json index de791cdd0c122..7fd29e815da53 100644 --- a/site/src/theme/icons.json +++ b/site/src/theme/icons.json @@ -35,6 +35,7 @@ "gateway.svg", "gcp.png", "git.svg", + "gitea.svg", "github.svg", "gitlab.svg", "go.svg",