Skip to content

Support setting redirect-uri for GitHub OAuth #8714

New issue
New issue
Closed
Closed
Support setting redirect-uri for GitHub OAuth#8714
@matifali

Description

@matifali
matifali
opened on Jul 25, 2023

Context

GitHub allows specifying redirect_uri to changes the redirect uri if its a subpath or subdomain of the callback URL.
We already have.

coder:
  env:
    - name: CODER_OAUTH2_GITHUB_ALLOW_SIGNUPS
      value: true
    - name: CODER_OAUTH2_GITHUB_ALLOWED_ORGS
      value: "your-org"
    - name: CODER_OAUTH2_GITHUB_CLIENT_ID
      value: "533...des"
    - name: CODER_OAUTH2_GITHUB_CLIENT_SECRET
      value: "G0CSP...7qSM"
+   - name: CODER_OAUTH2_GITHUB_REDIRECT_URI
+     value: https://SUBDOMAIN.coder.example.com  # assuming coder.eaxmple.com/gitauth/github/callback as callback URL set in OAUTH app.
    - name: CODER_OAUTH2_GITHUB_ALLOW_EVERYONE
      value: false

This will allow using the same GitHub OAuth app across multiple Coder deployments. e.g
Deployment 1: https://datascience.coder.example.com
Deployment 2: https://frontend.coder.example.com
etc.

Suggestions

This can be done by using a condition here. If the value of redirect_uri is set, we can modify the below line to use that.

coder/coderd/gitauth/config.go

Line 245 in f6f61df

authRedirect, err := accessURL.Parse(fmt.Sprintf("/gitauth/%s/callback", entry.ID))

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions