Skip to content

feat: standardize OAuth2 endpoints and implement token revocation #18809

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
+6,058 −379
Open

feat: standardize OAuth2 endpoints and implement token revocation #18809

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
51cb62a
feat: standardize OAuth2 endpoints and add token revocation
ThomasK33 Jul 7, 2025
9dfcc8a
chore: add OAuth2 device flow test scripts
ThomasK33 Jul 7, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Next Next commit
feat: standardize OAuth2 endpoints and add token revocation 
  - Change /oauth2/tokens → /oauth2/token per RFC 6749
  - Move token deletion to POST /oauth2/revoke per RFC 7009
  - Update all endpoint URLs and documentation
  - Maintain backward compatibility in client libraries

feat: implement OAuth2 Device Authorization Grant (RFC 8628)

  - Add device authorization endpoint /oauth2/device/authorize
  - Add device verification UI at /oauth2/device
  - Support device_code grant type in token endpoint
  - Add database table for device codes with expiration
  - Implement polling interval and user authorization flow
  - Add comprehensive test coverage for device flow

Change-Id: I7a7eebeb23a4f28718ebed2994d01dc21b49315b
Signed-off-by: Thomas Kosiewski <tk@coder.com>
  • Loading branch information
@ThomasK33
ThomasK33 committed Jul 22, 2025
commit 51cb62a09a9dd742ffbc626423547fab351cdcc3
232 changes: 203 additions & 29 deletions coderd/apidoc/docs.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy