Commit72b4dae

committed
Add logging
1 parent54c78df commit72b4dae


2 files changed

+50
-3
lines changed

2 files changed

+50
-3
lines changed

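--- a/coderd/coderdtest/oidctest/idp.go
+++ b/coderd/coderdtest/oidctest/idp.go
@@ -284,6 +284,7 @@ func (f *FakeIDP) updateIssuerURL(t testing.TB, issuer string) {
 Algorithms: []string{
 "RS256",
 },
+ExternalAuthURL:u.ResolveReference(&url.URL{Path:fmt.Sprintf("/external-auth-validate/%s",f.externalProviderID)}).String(),
 }
 }
 
@@ -529,6 +530,8 @@ type ProviderJSON struct {
 JWKSURLstring`json:"jwks_uri"`
 UserInfoURLstring`json:"userinfo_endpoint"`
 Algorithms []string`json:"id_token_signing_alg_values_supported"`
+// This is custom
+ExternalAuthURLstring`json:"exteral_auth_url"`
 }
 
 // newCode enforces the code exchanged is actually a valid code
@@ -999,6 +1002,7 @@ func (f *FakeIDP) ExternalAuthConfig(t testing.TB, id string, custom *ExternalAu
 }
 instrumentF:=promoauth.NewFactory(prometheus.NewRegistry())
 cfg:=&externalauth.Config{
+DisplayName:id,
 InstrumentedOAuth2Config:instrumentF.New(f.clientID,f.OIDCConfig(t,nil)),
 ID:id,
 // No defaults for these fields by omitting the type
@@ -1011,6 +1015,7 @@ func (f *FakeIDP) ExternalAuthConfig(t testing.TB, id string, custom *ExternalAu
 for_,opt:=rangeopts {
 opt(cfg)
 }
+f.updateIssuerURL(t,f.issuer)
 returncfg
 }
 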
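Review bot: The JSON tag on the new `ExternalAuthURL` field of `ProviderJSON` is spelled `exteral_auth_url`, which looks like a typo for `external_auth_url`; any consumer that reads this key from the fake IDP's well-known document would have to repeat the misspelling. The tag should read `json:"external_auth_url"`. The comment `// This is custom` could also state that the field is not part of standard OIDC discovery metadata and exists only for the test IDP. In the last hunk, `ExternalAuthConfig` now calls `f.updateIssuerURL(t, f.issuer)` before returning, so building a config rewrites the provider document, apparently to pick up `f.externalProviderID`; a one-line why-comment such as `// Refresh provider JSON so ExternalAuthURL reflects the external provider ID.` would make that side effect visible. Both function bodies extend beyond the hunks shown.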

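--- a/scripts/testidp/main.go
+++ b/scripts/testidp/main.go
@@ -1,6 +1,7 @@
 package main
 
 import (
+"encoding/json"
 "flag"
 "log"
 "os"
@@ -9,15 +10,21 @@ import (
 "time"
 
 "github.com/golang-jwt/jwt/v4"
+"github.com/stretchr/testify/require"
 
+"cdr.dev/slog"
+"cdr.dev/slog/sloggers/sloghuman"
 "github.com/coder/coder/v2/coderd/coderdtest/oidctest"
+"github.com/coder/coder/v2/codersdk"
 )
 
 // Flags
 var (
 expiry=flag.Duration("expiry",time.Minute*5,"Token expiry")
 clientID=flag.String("client-id","static-client-id","Client ID, set empty to be random")
 clientSecret=flag.String("client-sec","static-client-secret","Client Secret, set empty to be random")
+// By default, no regex means it will never match anything. So at least default to matching something.
+extRegex=flag.String("ext-regex",`^(https?://)?example\.com(/.*)?$`,"External auth regex")
 )
 
 funcmain() {
@@ -37,6 +44,12 @@ func main() {
 },nil,nil)
 }
 
+typewithClientSecretstruct {
+// We never unmarshal this in prod, but we need this field for testing.
+ClientSecretstring`json:"client_secret"`
+codersdk.ExternalAuthConfig
+}
+
 // RunIDP needs the testing.T because our oidctest package requires the
 // testing.T.
 funcRunIDP()func(t*testing.T) {
@@ -48,15 +61,44 @@ func RunIDP() func(t *testing.T) {
 oidctest.WithDefaultExpire(*expiry),
 oidctest.WithStaticCredentials(*clientID,*clientSecret),
 oidctest.WithIssuer("http://localhost:4500"),
+oidctest.WithLogger(slog.Make(sloghuman.Sink(os.Stderr))),
 )
 id,sec:=idp.AppCredentials()
 prov:=idp.WellknownConfig()
+constappID="fake"
+coderCfg:=idp.ExternalAuthConfig(t,appID,nil)
 
 log.Println("IDP Issuer URL",idp.IssuerURL())
 log.Println("Coderd Flags")
-log.Printf(`--external-auth-providers='[{"type":"fake","client_id":"%s","client_secret":"%s","auth_url":"%s","token_url":"%s","validate_url":"%s","scopes":["openid","email","profile"]}]'`,
-id,sec,prov.AuthURL,prov.TokenURL,prov.UserInfoURL,
-)
+deviceCodeURL:=""
+ifcoderCfg.DeviceAuth!=nil {
+deviceCodeURL=coderCfg.DeviceAuth.CodeURL
+}
+cfg:=withClientSecret{
+ClientSecret:sec,
+ExternalAuthConfig: codersdk.ExternalAuthConfig{
+Type:appID,
+ClientID:id,
+ClientSecret:sec,
+ID:appID,
+AuthURL:prov.AuthURL,
+TokenURL:prov.TokenURL,
+ValidateURL:prov.ExternalAuthURL,
+AppInstallURL:coderCfg.AppInstallURL,
+AppInstallationsURL:coderCfg.AppInstallationsURL,
+NoRefresh:false,
+Scopes: []string{"openid","email","profile"},
+ExtraTokenKeys:coderCfg.ExtraTokenKeys,
+DeviceFlow:coderCfg.DeviceAuth!=nil,
+DeviceCodeURL:deviceCodeURL,
+Regex:*extRegex,
+DisplayName:coderCfg.DisplayName,
+DisplayIcon:coderCfg.DisplayIcon,
+},
+}
+data,err:=json.Marshal([]withClientSecret{cfg})
+require.NoError(t,err)
+log.Printf(`--external-auth-providers='%s'`,string(data))
 
 log.Println("Press Ctrl+C to exit")
 c:=make(chan os.Signal,1)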
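Review bot: The comment on `withClientSecret` says the type is never unmarshalled, but its purpose here is to marshal `client_secret` into the printed flag, presumably because the embedded `codersdk.ExternalAuthConfig` does not serialise that field. The comment should say so and mark the type as test-only, e.g. `// withClientSecret re-adds client_secret to the marshalled JSON for the printed coderd flag; test IDP only, do not reuse where real secrets are handled.` The same `log.Printf` wraps the JSON in single quotes, and `json.Marshal` does not escape `'`, so a custom `-ext-regex` containing a single quote produces a flag line that no longer pastes cleanly into a shell; either note that limitation in the flag's help text or escape the quote before printing. `RunIDP` continues past the end of this hunk.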
