NotificationsYou must be signed in to change notification settings
Fork1k
Star11.1k

Commit38d3d06

committed

feat: add best effort attempt to revoke oauth access token in provider

1 parenta511812 commit38d3d06Copy full SHA for 38d3d06

File tree

7 files changed

+30

-8

lines changed

coderd
- apidoc
  - docs.go
  - swagger.json
- externalauth.go
codersdk
- externalauth.go
site/src
- api
  - api.ts
  - typesGenerated.ts
- pages/UserSettingsPage/ExternalAuthPage
  - ExternalAuthPage.tsx

7 files changed

+30

-8

lines changed

`‎coderd/apidoc/docs.go‎`

Lines changed: 3 additions & 0 deletions

Some generated files are not rendered by default. Learn more aboutcustomizing how changed files appear on GitHub.

`‎coderd/apidoc/swagger.json‎`

Lines changed: 1 addition & 0 deletions

Some generated files are not rendered by default. Learn more aboutcustomizing how changed files appear on GitHub.

`‎coderd/externalauth.go‎`

Lines changed: 4 additions & 3 deletions

Original file line number	Diff line number	Diff line change
`@@ -85,8 +85,9 @@ func (api API) externalAuthByID(w http.ResponseWriter, r http.Request) {`
`85`	`85`	`// @ID delete-external-auth-user-link-by-id`
`86`	`86`	`// @Security CoderSessionToken`
`87`	`87`	`// @Tags Git`
`88`		`-// @Success 200`
	`88`	`+// @Produce json`
`89`	`89`	`// @Param externalauth path string true "Git Provider ID" format(string)`
	`90`	`+// @Success 200`
`90`	`91`	`// @Router /external-auth/{externalauth} [delete]`
`91`	`92`	`func (apiAPI)deleteExternalAuthByID(w http.ResponseWriter,rhttp.Request) {`
`92`	`93`	`config:=httpmw.ExternalAuthParam(r)`
`@@ -128,11 +129,11 @@ func (api API) deleteExternalAuthByID(w http.ResponseWriter, r http.Request) {`
`128`	`129`
`129`	`130`	`ok,err:=config.RevokeToken(ctx,link)`
`130`	`131`	`iferr!=nil\|\|!ok {`
`131`		`-httpapi.Write(ctx,w,http.StatusOK,"Successfully deleted external auth link, access token has NOT been revoked from the oauth2 provider.")`
	`132`	`+httpapi.Write(ctx,w,http.StatusOK,codersdk.DeleteExternalAuthByIDResponse{TokenRevocationSuccessful:false})`
`132`	`133`	`return`
`133`	`134`	`}`
`134`	`135`
`135`		`-httpapi.Write(ctx,w,http.StatusOK,"Successfully deleted external auth link and revoked token from the oauth2 provider")`
	`136`	`+httpapi.Write(ctx,w,http.StatusOK,codersdk.DeleteExternalAuthByIDResponse{TokenRevocationSuccessful:true})`
`136`	`137`	`}`
`137`	`138`
`138`	`139`	`// @Summary Post external auth device by ID`

`‎codersdk/externalauth.go‎`

Lines changed: 6 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -73,6 +73,12 @@ type ListUserExternalAuthResponse struct {`
`73`	`73`	Links []ExternalAuthLink`json:"links"`
`74`	`74`	`}`
`75`	`75`
	`76`	`+typeDeleteExternalAuthByIDResponsestruct {`
	`77`	`+// TokenRevocationSuccessful set to true if`
	`78`	`+// token revocation in provider was succesfful`
	`79`	`+TokenRevocationSuccessfulbool`
	`80`	`+}`
	`81`	`+`
`76`	`82`	`// ExternalAuthLink is a link between a user and an external auth provider.`
`77`	`83`	`// It excludes information that requires a token to access, so can be statically`
`78`	`84`	`// built from the database and configs.`

`‎site/src/api/api.ts‎`

Lines changed: 4 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -27,6 +27,7 @@ import { delay } from "../utils/delay";`
`27`	`27`	`import{OneWayWebSocket}from"../utils/OneWayWebSocket";`
`28`	`28`	`import{typeFieldError,isApiError}from"./errors";`
`29`	`29`	`importtype{`
	`30`	`+DeleteExternalAuthByIDResponse,`
`30`	`31`	`DynamicParametersRequest,`
`31`	`32`	`PostWorkspaceUsageRequest,`
`32`	`33`	`}from"./typesGenerated";`
`@@ -1727,7 +1728,9 @@ class ApiMethods {`
`1727`	`1728`	`returnresp.data;`
`1728`	`1729`	`};`
`1729`	`1730`
`1730`		`-unlinkExternalAuthProvider=async(provider:string):Promise<string>=>{`
	`1731`	`+unlinkExternalAuthProvider=async(`
	`1732`	`+provider:string,`
	`1733`	`+):Promise<DeleteExternalAuthByIDResponse>=>{`
`1731`	`1734`	constresp=awaitthis.axios.delete(`/api/v2/external-auth/${provider}`);
`1732`	`1735`	`returnresp.data;`
`1733`	`1736`	`};`

`‎site/src/api/typesGenerated.ts‎`

Lines changed: 5 additions & 0 deletions

Some generated files are not rendered by default. Learn more aboutcustomizing how changed files appear on GitHub.

`‎site/src/pages/UserSettingsPage/ExternalAuthPage/ExternalAuthPage.tsx‎`

Lines changed: 7 additions & 4 deletions

Original file line number	Diff line number	Diff line change
`@@ -11,12 +11,15 @@ import { useMutation, useQuery, useQueryClient } from "react-query";`
`11`	`11`	`import{Section}from"../Section";`
`12`	`12`	`import{ExternalAuthPageView}from"./ExternalAuthPageView";`
`13`	`13`
`14`		`-constRevokeMessage="This action will try to revoke the access token from oauth2 provider."`
	`14`	`+constTryRevokeInfo="This action will try to revoke the access token from oauth2 provider."`
`15`	`15`	`+"Auth link will be removed regardlles if token revocation succedess.";`
`16`		`-constNoRevokMessage="This action will not revoke the access token from the oauth2 provider."`
	`16`	`+constNoRevokeInfo="This action will not revoke the access token from the oauth2 provider."`
`17`	`17`	`+" It only removes the link on this side. To fully revoke access, you must"`
`18`	`18`	`+" do so on the oauth2 provider's side.";`
`19`	`19`
	`20`	`+constRevokeSuccess="Successfully deleted external auth link and revoked token from the oauth2 provider."`
	`21`	`+constRevokeFailed="Successfully deleted external auth link. Token has NOT been revoked from the oauth2 provider."`
	`22`	`+`
`20`	`23`	`constExternalAuthPage:FC=()=>{`
`21`	`24`	`constqueryClient=useQueryClient();`
`22`	`25`	`// This is used to tell the child components something was unlinked and things`
`@@ -61,7 +64,7 @@ const ExternalAuthPage: FC = () => {`
`61`	`64`	`key={appToUnlink}`
`62`	`65`	`title="Unlink Application"`
`63`	`66`	`verb="Unlinking"`
`64`		`-info={appSupportsRevoke ?RevokeMessage :NoRevokMessage}`
	`67`	`+info={appSupportsRevoke ?TryRevokeInfo :NoRevokeInfo}`
`65`	`68`	`label="Name of the application to unlink"`
`66`	`69`	`isOpen={appToUnlink!==undefined}`
`67`	`70`	`confirmLoading={unlinkAppMutation.isPending}`
`@@ -78,7 +81,7 @@ const ExternalAuthPage: FC = () => {`
`78`	`81`	`// this tells our child components to refetch their data`
`79`	`82`	`// as at least 1 provider was unlinked.`
`80`	`83`	`setUnlinked(unlinked+1);`
`81`		`-displaySuccess(unlinkResp);`
	`84`	`+displaySuccess(unlinkResp.TokenRevocationSuccessful ?RevokeSuccess :RevokeFailed);`
`82`	`85`	`}catch(e){`
`83`	`86`	`displayError(getErrorMessage(e,"Error unlinking application."));`
`84`	`87`	`}`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit38d3d06

File tree

7 files changed

7 files changed

`‎coderd/apidoc/docs.go‎`

`‎coderd/apidoc/swagger.json‎`

`‎coderd/externalauth.go‎`

`‎codersdk/externalauth.go‎`

`‎site/src/api/api.ts‎`

`‎site/src/api/typesGenerated.ts‎`

`‎site/src/pages/UserSettingsPage/ExternalAuthPage/ExternalAuthPage.tsx‎`

0 commit comments