Skip to content

feat: add client credentials OAuth2 applications for API access #18846

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: thomask33/07-12-feat_oauth2_add_client_credentials_grant_type_and_user_ownership
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
27 changes: 15 additions & 12 deletions .claude/docs/TESTING.md
Original file line number Diff line number Diff line change
Expand Up @@ -62,21 +62,23 @@ coderd/

### Running Tests

| Command | Purpose |
|---------|---------|
| `make test` | Run all Go tests |
| `make test RUN=TestFunctionName` | Run specific test |
| `go test -v ./path/to/package -run TestFunctionName` | Run test with verbose output |
| `make test-postgres` | Run tests with Postgres database |
| `make test-race` | Run tests with Go race detector |
| `make test-e2e` | Run end-to-end tests |
| Command | Purpose |
|------------------------------------------------------|----------------------------------|
| `make test` | Run all Go tests |
| `make test PACKAGE=./pkg/...` | Run tests for specific package |
| `make test RUN=TestFunctionName` | Run specific test |
| `make test PACKAGE=./pkg/... RUN=TestFunctionName` | Run specific test in package |
| `go test -v ./path/to/package -run TestFunctionName` | Run test with verbose output |
| `make test-postgres` | Run tests with Postgres database |
| `make test-race` | Run tests with Go race detector |
| `make test-e2e` | Run end-to-end tests |

### Frontend Testing

| Command | Purpose |
|---------|---------|
| `pnpm test` | Run frontend tests |
| `pnpm check` | Run code checks |
| Command | Purpose |
|--------------|--------------------|
| `pnpm test` | Run frontend tests |
| `pnpm check` | Run code checks |

## Common Testing Issues

Expand Down Expand Up @@ -207,6 +209,7 @@ func BenchmarkFunction(b *testing.B) {
```

Run benchmarks with:

```bash
go test -bench=. -benchmem ./package/path
```
2 changes: 2 additions & 0 deletions .claude/docs/WORKFLOWS.md
Original file line number Diff line number Diff line change
Expand Up @@ -104,7 +104,9 @@
### Test Execution

- Run full test suite: `make test`
- Run specific package: `make test PACKAGE=./coderd/oauth2/...`
- Run specific test: `make test RUN=TestFunctionName`
- Run specific test in package: `make test PACKAGE=./coderd/oauth2/... RUN=TestFunctionName`
- Run with Postgres: `make test-postgres`
- Run with race detector: `make test-race`
- Run end-to-end tests: `make test-e2e`
Expand Down
28 changes: 15 additions & 13 deletions CLAUDE.md
Original file line number Diff line number Diff line change
Expand Up @@ -7,19 +7,21 @@

## 🚀 Essential Commands

| Task | Command | Notes |
|-------------------|--------------------------|----------------------------------|
| **Development** | `./scripts/develop.sh` | ⚠️ Don't use manual build |
| **Build** | `make build` | Fat binaries (includes server) |
| **Build Slim** | `make build-slim` | Slim binaries |
| **Test** | `make test` | Full test suite |
| **Test Single** | `make test RUN=TestName` | Faster than full suite |
| **Test Postgres** | `make test-postgres` | Run tests with Postgres database |
| **Test Race** | `make test-race` | Run tests with Go race detector |
| **Lint** | `make lint` | Always run after changes |
| **Generate** | `make gen` | After database changes |
| **Format** | `make fmt` | Auto-format code |
| **Clean** | `make clean` | Clean build artifacts |
| Task | Command | Notes |
|-------------------|--------------------------------------------|----------------------------------|
| **Development** | `./scripts/develop.sh` | ⚠️ Don't use manual build |
| **Build** | `make build` | Fat binaries (includes server) |
| **Build Slim** | `make build-slim` | Slim binaries |
| **Test** | `make test` | Full test suite |
| **Test Package** | `make test PACKAGE=./pkg/...` | Test specific package |
| **Test Single** | `make test RUN=TestName` | Faster than full suite |
| **Test Combined** | `make test PACKAGE=./pkg/... RUN=TestName` | Test specific test in package |
| **Test Postgres** | `make test-postgres` | Run tests with Postgres database |
| **Test Race** | `make test-race` | Run tests with Go race detector |
| **Lint** | `make lint` | Always run after changes |
| **Generate** | `make gen` | After database changes |
| **Format** | `make fmt` | Auto-format code |
| **Clean** | `make clean` | Clean build artifacts |

### Frontend Commands (site directory)

Expand Down
2 changes: 1 addition & 1 deletion Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -936,7 +936,7 @@ GOTESTSUM_RETRY_FLAGS :=
endif

test:
$(GIT_FLAGS) gotestsum --format standard-quiet $(GOTESTSUM_RETRY_FLAGS) --packages="./..." -- -v -short -count=1 $(if $(RUN),-run $(RUN))
$(GIT_FLAGS) gotestsum --format standard-quiet $(GOTESTSUM_RETRY_FLAGS) --packages="$(if $(PACKAGE),$(PACKAGE),./...)" -- -v -short -count=1 $(if $(RUN),-run $(RUN))
.PHONY: test

test-cli:
Expand Down
38 changes: 32 additions & 6 deletions coderd/apidoc/docs.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

36 changes: 32 additions & 4 deletions coderd/apidoc/swagger.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

82 changes: 71 additions & 11 deletions coderd/database/db2sdk/db2sdk.go
Original file line number Diff line number Diff line change
Expand Up @@ -353,23 +353,34 @@ func TemplateVersionParameterOptionFromPreview(option *previewtypes.ParameterOpt
}
}

// oauth2AppEndpoints generates the OAuth2 endpoints for an app
func oauth2AppEndpoints(accessURL *url.URL) codersdk.OAuth2AppEndpoints {
return codersdk.OAuth2AppEndpoints{
Authorization: accessURL.ResolveReference(&url.URL{
Path: "/oauth2/authorize",
}).String(),
Token: accessURL.ResolveReference(&url.URL{
Path: "/oauth2/token",
}).String(),
DeviceAuth: accessURL.ResolveReference(&url.URL{
Path: "/oauth2/device",
}).String(),
Revocation: accessURL.ResolveReference(&url.URL{
Path: "/oauth2/revoke",
}).String(),
}
}

func OAuth2ProviderApp(accessURL *url.URL, dbApp database.OAuth2ProviderApp) codersdk.OAuth2ProviderApp {
return codersdk.OAuth2ProviderApp{
ID: dbApp.ID,
Name: dbApp.Name,
RedirectURIs: dbApp.RedirectUris,
Icon: dbApp.Icon,
Endpoints: codersdk.OAuth2AppEndpoints{
Authorization: accessURL.ResolveReference(&url.URL{
Path: "/oauth2/authorize",
}).String(),
Token: accessURL.ResolveReference(&url.URL{
Path: "/oauth2/token",
}).String(),
DeviceAuth: accessURL.ResolveReference(&url.URL{
Path: "/oauth2/device/authorize",
}).String(),
},
CreatedAt: dbApp.CreatedAt,
GrantTypes: dbApp.GrantTypes,
UserID: dbApp.UserID.UUID,
Endpoints: oauth2AppEndpoints(accessURL),
}
}

Expand All @@ -379,6 +390,55 @@ func OAuth2ProviderApps(accessURL *url.URL, dbApps []database.OAuth2ProviderApp)
})
}

func OAuth2ProviderAppRow(accessURL *url.URL, dbApp database.GetOAuth2ProviderAppByIDRow) codersdk.OAuth2ProviderApp {
return codersdk.OAuth2ProviderApp{
ID: dbApp.ID,
Name: dbApp.Name,
RedirectURIs: dbApp.RedirectUris,
Icon: dbApp.Icon,
CreatedAt: dbApp.CreatedAt,
GrantTypes: dbApp.GrantTypes,
UserID: dbApp.UserID.UUID,
Username: dbApp.Username.String,
Email: dbApp.Email.String,
Endpoints: oauth2AppEndpoints(accessURL),
}
}

func OAuth2ProviderAppsRows(accessURL *url.URL, dbApps []database.GetOAuth2ProviderAppsRow) []codersdk.OAuth2ProviderApp {
return List(dbApps, func(dbApp database.GetOAuth2ProviderAppsRow) codersdk.OAuth2ProviderApp {
return codersdk.OAuth2ProviderApp{
ID: dbApp.ID,
Name: dbApp.Name,
RedirectURIs: dbApp.RedirectUris,
Icon: dbApp.Icon,
CreatedAt: dbApp.CreatedAt,
GrantTypes: dbApp.GrantTypes,
UserID: dbApp.UserID.UUID,
Username: dbApp.Username.String,
Email: dbApp.Email.String,
Endpoints: oauth2AppEndpoints(accessURL),
}
})
}

func OAuth2ProviderAppsByOwnerIDRows(accessURL *url.URL, dbApps []database.GetOAuth2ProviderAppsByOwnerIDRow) []codersdk.OAuth2ProviderApp {
return List(dbApps, func(dbApp database.GetOAuth2ProviderAppsByOwnerIDRow) codersdk.OAuth2ProviderApp {
return codersdk.OAuth2ProviderApp{
ID: dbApp.ID,
Name: dbApp.Name,
RedirectURIs: dbApp.RedirectUris,
Icon: dbApp.Icon,
CreatedAt: dbApp.CreatedAt,
GrantTypes: dbApp.GrantTypes,
UserID: dbApp.UserID.UUID,
Username: dbApp.Username.String,
Email: dbApp.Email.String,
Endpoints: oauth2AppEndpoints(accessURL),
}
})
}

func convertDisplayApps(apps []database.DisplayApp) []codersdk.DisplayApp {
dapps := make([]codersdk.DisplayApp, 0, len(apps))
for _, app := range apps {
Expand Down
Loading
Loading