
Commit db0f2a0

committed
refactor(oauth2): restructure oauth2 provider into modular package
- Rename identityprovider package to oauth2provider for clarity - Extract OAuth2 business logic from coderd/oauth2.go into focused modules: - apps.go: OAuth2 app management (CRUD operations) - app_secrets.go: OAuth2 app secrets management - metadata.go: OAuth2 server and resource metadata endpoints - registration.go: RFC 7591/7592 dynamic client registration - Update route handlers to delegate to oauth2provider functions - Preserve all existing API endpoints and Swagger documentation - Fix compilation issues and update middleware references - All tests passing with zero regressions This refactoring improves code organization and maintainability while preserving complete API compatibility. Change-Id: Ieef7cf3683ec93667f09a0d4894190a1e1a0b16e Signed-off-by: Thomas Kosiewski <tk@coder.com>
1 parent 7fbb3ce commit db0f2a0


17 files changed

+1095
-981
lines changed


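--- a/coderd/coderd.go
+++ b/coderd/coderd.go
@@ -19,6 +19,7 @@ import (
 "sync/atomic"
 "time"
 
+"github.com/coder/coder/v2/coderd/oauth2provider"
 "github.com/coder/coder/v2/coderd/prebuilds"
 
 "github.com/andybalholm/brotli"
@@ -913,9 +914,9 @@ func New(options *Options) *API {
 }
 
 // OAuth2 metadata endpoint for RFC 8414 discovery
-r.Get("/.well-known/oauth-authorization-server", api.oauth2AuthorizationServerMetadata)
+r.Get("/.well-known/oauth-authorization-server", api.oauth2AuthorizationServerMetadata())
 // OAuth2 protected resource metadata endpoint for RFC 9728 discovery
-r.Get("/.well-known/oauth-protected-resource", api.oauth2ProtectedResourceMetadata)
+r.Get("/.well-known/oauth-protected-resource", api.oauth2ProtectedResourceMetadata())
 
 // OAuth2 linking routes do not make sense under the /api/v2 path. These are
 // for an external application to use Coder as an OAuth2 provider, not for
@@ -952,17 +953,17 @@ func New(options *Options) *API {
 })
 
 // RFC 7591 Dynamic Client Registration - Public endpoint
-r.Post("/register", api.postOAuth2ClientRegistration)
+r.Post("/register", api.postOAuth2ClientRegistration())
 
 // RFC 7592 Client Configuration Management - Protected by registration access token
 r.Route("/clients/{client_id}", func(r chi.Router) {
 r.Use(
 // Middleware to validate registration access token
-api.requireRegistrationAccessToken,
+oauth2provider.RequireRegistrationAccessToken(api.Database),
 )
-r.Get("/", api.oauth2ClientConfiguration) // Read client configuration
-r.Put("/", api.putOAuth2ClientConfiguration) // Update client configuration
-r.Delete("/", api.deleteOAuth2ClientConfiguration) // Delete client
+r.Get("/", api.oauth2ClientConfiguration()) // Read client configuration
+r.Put("/", api.putOAuth2ClientConfiguration()) // Update client configuration
+r.Delete("/", api.deleteOAuth2ClientConfiguration()) // Delete client
 })
 })
 
@@ -1479,22 +1480,22 @@ func New(options *Options) *API {
 httpmw.RequireExperimentWithDevBypass(api.Experiments, codersdk.ExperimentOAuth2),
 )
 r.Route("/apps", func(r chi.Router) {
-r.Get("/", api.oAuth2ProviderApps)
-r.Post("/", api.postOAuth2ProviderApp)
+r.Get("/", api.oAuth2ProviderApps())
+r.Post("/", api.postOAuth2ProviderApp())
 
 r.Route("/{app}", func(r chi.Router) {
 r.Use(httpmw.ExtractOAuth2ProviderApp(options.Database))
-r.Get("/", api.oAuth2ProviderApp)
-r.Put("/", api.putOAuth2ProviderApp)
-r.Delete("/", api.deleteOAuth2ProviderApp)
+r.Get("/", api.oAuth2ProviderApp())
+r.Put("/", api.putOAuth2ProviderApp())
+r.Delete("/", api.deleteOAuth2ProviderApp())
 
 r.Route("/secrets", func(r chi.Router) {
-r.Get("/", api.oAuth2ProviderAppSecrets)
-r.Post("/", api.postOAuth2ProviderAppSecret)
+r.Get("/", api.oAuth2ProviderAppSecrets())
+r.Post("/", api.postOAuth2ProviderAppSecret())
 
 r.Route("/{secretID}", func(r chi.Router) {
 r.Use(httpmw.ExtractOAuth2ProviderAppSecret(options.Database))
-r.Delete("/", api.deleteOAuth2ProviderAppSecret)
+r.Delete("/", api.deleteOAuth2ProviderAppSecret())
 })
 })
 })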
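Review bot: Every OAuth2 route in these hunks now registers the result of a call (`api.postOAuth2ProviderApp()`, `api.oauth2ClientConfiguration()`, and the rest) instead of a method value, so each factory runs once while `New` builds the router and whatever it reads from `api` at that moment is fixed for the life of the server. The factory bodies are not in this file section; if any of them snapshots state that can be replaced after `New` returns, for instance a component held behind an atomic pointer, the app, secret and client-registration handlers would keep using the start-up value, which matters most for anything that records or authorizes these changes. Such state should be loaded inside the returned handler, and a comment above the first registration would record the constraint: `// OAuth2 handlers are constructed once here; factories must read mutable API state per request, not at construction.` Separately, `oauth2provider.RequireRegistrationAccessToken(api.Database)` takes the store from `api` while the neighbouring `httpmw.ExtractOAuth2ProviderApp(options.Database)` takes it from `options`; one spelling for both would make it evident that the token check and the app lookup use the same store. `New` begins and ends outside the visible hunks.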
