Skip to content

chore(coderd/coderdtest/oidctest): protect mutable fields with rwmutex #17151

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 6 commits into from
Apr 2, 2025
Merged

chore(coderd/coderdtest/oidctest): protect mutable fields with rwmutex #17151

Changes from 1 commit
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
eef11bc
chore(coderd/coderdtest/oidctest): protect mutable fields with rwmutex
johnstcn Mar 28, 2025
e3b553c
go absolutely ham
johnstcn Mar 28, 2025
26125a8
Merge branch 'main' into cj/flake/TestOIDCDomainErrorMessage
johnstcn Mar 28, 2025
451fb15
Merge branch 'main' into cj/flake/TestOIDCDomainErrorMessage
johnstcn Apr 2, 2025
104eaf0
address PR comments
johnstcn Apr 2, 2025
afab785
no more TryLock
johnstcn Apr 2, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
no more TryLock
  • Loading branch information
@johnstcn
johnstcn committed Apr 2, 2025
commit afab7856b62917b5716ce9a63060dfcd6b9172bf
49 changes: 15 additions & 34 deletions coderd/coderdtest/oidctest/idp.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -92,57 +92,45 @@ func (f *fakeIDPLocked) PrivateKey() *rsa.PrivateKey {
}

func (f *fakeIDPLocked) Provider() ProviderJSON {
if !f.mu.TryRLock() {
panic("developer error: fakeIDPLocked is already locked")
}
f.mu.RLock()
defer f.mu.RUnlock()
return f.provider
}

func (f *fakeIDPLocked) Config() *oauth2.Config {
if !f.mu.TryRLock() {
panic("developer error: fakeIDPLocked is already locked")
}
f.mu.RLock()
defer f.mu.RUnlock()
return f.cfg
}

func (f *fakeIDPLocked) Handler() http.Handler {
if !f.mu.TryRLock() {
panic("developer error: fakeIDPLocked is already locked")
}
f.mu.RLock()
defer f.mu.RUnlock()
return f.handler
}

func (f *fakeIDPLocked) SetIssuer(issuer string) {
if !f.mu.TryLock() {
panic("developer error: fakeIDPLocked is already locked")
}
f.mu.Lock()
defer f.mu.Unlock()
f.issuer = issuer
}

func (f *fakeIDPLocked) SetIssuerURL(issuerURL *url.URL) {
if !f.mu.TryLock() {
panic("developer error: fakeIDPLocked is already locked")
}
f.mu.Lock()
defer f.mu.Unlock()
f.issuerURL = issuerURL
}

func (f *fakeIDPLocked) SetProvider(provider ProviderJSON) {
if !f.mu.TryLock() {
panic("developer error: fakeIDPLocked is already locked")
}
f.mu.Lock()
defer f.mu.Unlock()
f.provider = provider
}

// MutateConfig is a helper function to mutate the oauth2.Config.
// Beware of re-entrant locks!
func (f *fakeIDPLocked) MutateConfig(fn func(cfg *oauth2.Config)) {
if !f.mu.TryLock() {
panic("developer error: fakeIDPLocked is already locked")
}
f.mu.Lock()
if f.cfg == nil {
f.cfg = &oauth2.Config{}
}
Expand All @@ -151,25 +139,19 @@ func (f *fakeIDPLocked) MutateConfig(fn func(cfg *oauth2.Config)) {
}

func (f *fakeIDPLocked) SetHandler(handler http.Handler) {
if !f.mu.TryLock() {
panic("developer error: fakeIDPLocked is already locked")
}
f.mu.Lock()
defer f.mu.Unlock()
f.handler = handler
}

func (f *fakeIDPLocked) SetFakeCoderd(fakeCoderd func(req *http.Request) (*http.Response, error)) {
if !f.mu.TryLock() {
panic("developer error: fakeIDPLocked is already locked")
}
f.mu.Lock()
defer f.mu.Unlock()
f.fakeCoderd = fakeCoderd
}

func (f *fakeIDPLocked) FakeCoderd() func(req *http.Request) (*http.Response, error) {
if !f.mu.TryRLock() {
panic("developer error: fakeIDPLocked is already locked")
}
f.mu.RLock()
defer f.mu.RUnlock()
return f.fakeCoderd
}
Expand Down Expand Up @@ -1530,17 +1512,16 @@ func (f *FakeIDP) PublicKey() crypto.PublicKey {
func (f *FakeIDP) OauthConfig(t testing.TB, scopes []string) *oauth2.Config {
t.Helper()

authURL := f.locked.Provider().AuthURL
tokenURL := f.locked.Provider().TokenURL
provider := f.locked.Provider()
f.locked.MutateConfig(func(cfg *oauth2.Config) {
if len(scopes) == 0 {
scopes = []string{"openid", "email", "profile"}
}
cfg.ClientID = f.clientID
cfg.ClientSecret = f.clientSecret
cfg.Endpoint = oauth2.Endpoint{
AuthURL: authURL,
TokenURL: tokenURL,
AuthURL: provider.AuthURL,
TokenURL: provider.TokenURL,
AuthStyle: oauth2.AuthStyleInParams,
}
// If the user is using a real network request, they will need to do
Expand Down
Loading