Commit 08c61a3

committed

feat: standardize OAuth2 endpoints and add token revocation

- Change /oauth2/tokens → /oauth2/token per RFC 6749 - Move token deletion to POST /oauth2/revoke per RFC 7009 - Update all endpoint URLs and documentation - Maintain backward compatibility in client libraries feat: implement OAuth2 Device Authorization Grant (RFC 8628) - Add device authorization endpoint /oauth2/device/authorize - Add device verification UI at /oauth2/device - Support device_code grant type in token endpoint - Add database table for device codes with expiration - Implement polling interval and user authorization flow - Add comprehensive test coverage for device flow Change-Id: I7a7eebeb23a4f28718ebed2994d01dc21b49315b Signed-off-by: Thomas Kosiewski <tk@coder.com>

1 parent 78af5e0 commit 08c61a3Copy full SHA for 08c61a3

46 files changed

+5356

-224

lines changed

coderd
- apidoc
  - docs.go
  - swagger.json
- coderd.go
- database
  - db2sdk
    - db2sdk.go
  - dbauthz
    - dbauthz.go
  - dbmetrics
    - querymetrics.go
  - dbmock
    - dbmock.go
  - dump.sql
  - foreign_key_constraint.go
  - migrations
    - 000349_oauth2_device_authorization.down.sql
    - 000349_oauth2_device_authorization.up.sql
  - modelmethods.go
  - models.go
  - querier.go
  - queries.sql.go
  - queries
    - oauth2.sql
  - sqlc.yaml
  - unique_constraint.go
- httpapi
  - httpapi.go
- httpmw
  - oauth2.go
- mcp
  - mcp_e2e_test.go
- oauth2.go
- oauth2_spec_test.go
- oauth2_test.go
- oauth2provider
  - authorize.go
  - device.go
  - metadata.go
  - oauth2providertest
    - helpers.go
    - oauth2_test.go
  - provider_test.go
  - revoke.go
  - revoke_test.go
  - tokens.go
codersdk
- oauth2.go
- oauth2_validation.go
docs/reference/api
- enterprise.md
- schemas.md
scripts/oauth2
site
- site.go
- src
  - api
    - typesGenerated.ts
  - testHelpers
    - entities.ts
- static

46 files changed

+5356

-224

lines changed

`‎coderd/apidoc/docs.go`

Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

Comments

(0)

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.

Alternative Proxies:

Alternative Proxy