- Notifications
You must be signed in to change notification settings - Fork907
Description
Is there an existing issue for this?
- I have searched the existing issues
Current Behavior
We havea system that refreshes expired api keys backed by oauth2 if a refresh token is available.
However, in the case when the api key is expired but the oauth2 access token isn’t, the refresh logic is not triggered, and the api keyExpiresAt field is not updated.
Relavant check:
Line 261 inbbe7dac
| iflink.OAuthExpiry.Before(now)&&!link.OAuthExpiry.IsZero()&&link.OAuthRefreshToken!="" { |
Early exit ifExpiresAt is not updated.
Lines 319 to 324 inbbe7dac
| ifkey.ExpiresAt.Before(now) { | |
| returnoptionalWrite(http.StatusUnauthorized, codersdk.Response{ | |
| Message:SignedOutErrorMessage, | |
| Detail:fmt.Sprintf("API key expired at %q.",key.ExpiresAt.String()), | |
| }) | |
| } |
Relevant Log Output
Expected Behavior
I'd expect theExpiresAt field to be updated when a valid OAuth2 access token is available.
Steps to Reproduce
The way I triggered it is I manually updated theExpiresAt field on an api key to the current time via a SQL query and then refreshed the Coder web UI.
Environment
- Host OS: Linux
- Coder version: 2.20.2
Additional Context
No response