coder
diff --git a/‎coderd/apidoc/docs.go
Lines changed: 6 additions & 0 deletions b/‎coderd/apidoc/docs.go
Lines changed: 6 additions & 0 deletions
diff --git a/‎coderd/apidoc/swagger.json
Lines changed: 6 additions & 0 deletions b/‎coderd/apidoc/swagger.json
Lines changed: 6 additions & 0 deletions
diff --git a/‎coderd/database/db2sdk/db2sdk.go
Lines changed: 10 additions & 3 deletions b/‎coderd/database/db2sdk/db2sdk.go
Lines changed: 10 additions & 3 deletions
diff --git a/‎coderd/externalauth.go
Lines changed: 31 additions & 1 deletion b/‎coderd/externalauth.go
Lines changed: 31 additions & 1 deletion
diff --git a/‎codersdk/externalauth.go
Lines changed: 2 additions & 0 deletions b/‎codersdk/externalauth.go
Lines changed: 2 additions & 0 deletions
diff --git a/‎docs/api/git.md
Lines changed: 3 additions & 1 deletion b/‎docs/api/git.md
Lines changed: 3 additions & 1 deletion
diff --git a/‎docs/api/schemas.md
Lines changed: 5 additions & 1 deletion b/‎docs/api/schemas.md
Lines changed: 5 additions & 1 deletion
diff --git a/‎site/src/api/queries/externalauth.ts
Lines changed: 13 additions & 0 deletions b/‎site/src/api/queries/externalauth.ts
Lines changed: 13 additions & 0 deletions
diff --git a/‎site/src/api/typesGenerated.ts
Lines changed: 2 additions & 0 deletions b/‎site/src/api/typesGenerated.ts
Lines changed: 2 additions & 0 deletions
diff --git a/‎site/src/pages/CreateWorkspacePage/ExternalAuth.tsx
Lines changed: 16 additions & 9 deletions b/‎site/src/pages/CreateWorkspacePage/ExternalAuth.tsx
Lines changed: 16 additions & 9 deletions
@@ -16,21 +16,28 @@ import (
 	"github.com/coder/coder/v2/provisionersdk/proto"
 )
 
-func ExternalAuths(auths []database.ExternalAuthLink) []codersdk.ExternalAuthLink {
+type ExternalAuthMeta struct {
+	Authenticated bool
+	ValidateError string
+}
+
+func ExternalAuths(auths []database.ExternalAuthLink, meta map[string]ExternalAuthMeta) []codersdk.ExternalAuthLink {
 	out := make([]codersdk.ExternalAuthLink, 0, len(auths))
 	for _, auth := range auths {
-		out = append(out, ExternalAuth(auth))
+		out = append(out, ExternalAuth(auth, meta[auth.ProviderID]))
 	}
 	return out
 }
 
-func ExternalAuth(auth database.ExternalAuthLink) codersdk.ExternalAuthLink {
+func ExternalAuth(auth database.ExternalAuthLink, meta ExternalAuthMeta) codersdk.ExternalAuthLink {
 	return codersdk.ExternalAuthLink{
 		ProviderID:      auth.ProviderID,
 		CreatedAt:       auth.CreatedAt,
 		UpdatedAt:       auth.UpdatedAt,
 		HasRefreshToken: auth.OAuthRefreshToken != "",
 		Expires:         auth.OAuthExpiry,
+		Authenticated:   meta.Authenticated,
+		ValidateError:   meta.ValidateError,
 	}
 }
 
 
@@ -337,14 +337,44 @@ func (api *API) listUserExternalAuths(rw http.ResponseWriter, r *http.Request) {
 		return
 	}
 
+	// This process of authenticating each external link increases the
+	// response time. However, it is necessary to more correctly debug
+	// authentication issues.
+	// We can do this in parallel if we want to speed it up.
+	configs := make(map[string]*externalauth.Config)
+	for _, cfg := range api.ExternalAuthConfigs {
+		configs[cfg.ID] = cfg
+	}
+	// Check if the links are authenticated.
+	linkMeta := make(map[string]db2sdk.ExternalAuthMeta)
+	for i, link := range links {
+		if link.OAuthAccessToken != "" {
+			cfg, ok := configs[link.ProviderID]
+			if ok {
+				newLink, valid, err := cfg.RefreshToken(ctx, api.Database, link)
+				meta := db2sdk.ExternalAuthMeta{
+					Authenticated: valid,
+				}
+				if err != nil {
+					meta.ValidateError = err.Error()
+				}
+				// Update the link if it was potentially refreshed.
+				if err == nil && valid {
+					links[i] = newLink
+				}
+				break
+			}
+		}
+	}
+
 	// Note: It would be really nice if we could cfg.Validate() the links and
 	// return their authenticated status. To do this, we would also have to
 	// refresh expired tokens too. For now, I do not want to cause the excess
 	// traffic on this request, so the user will have to do this with a separate
 	// call.
 	httpapi.Write(ctx, rw, http.StatusOK, codersdk.ListUserExternalAuthResponse{
 		Providers: ExternalAuthConfigs(api.ExternalAuthConfigs),
-		Links:     db2sdk.ExternalAuths(links),
+		Links:     db2sdk.ExternalAuths(links, linkMeta),
 	})
 }
 
 
@@ -76,6 +76,8 @@ type ExternalAuthLink struct {
 	UpdatedAt       time.Time `json:"updated_at" format:"date-time"`
 	HasRefreshToken bool      `json:"has_refresh_token"`
 	Expires         time.Time `json:"expires" format:"date-time"`
+	Authenticated   bool      `json:"authenticated"`
+	ValidateError   string    `json:"validate_error"`
 }
 
 // ExternalAuthLinkProvider are the static details of a provider.
 
@@ -11,6 +11,19 @@ export const listUserExternalAuths = () => {
   };
 };
 
+const getUserExternalAuthKey = (providerID: string) => [
+  providerID,
+  "get",
+  "external-auth",
+];
+
+export const userExternalAuth = (providerID: string) => {
+  return {
+    queryKey: getUserExternalAuthKey(providerID),
+    queryFn: () => API.getExternalAuthProvider(providerID),
+  };
+};
+
 export const validateExternalAuth = (_: QueryClient) => {
   return {
     mutationFn: API.getExternalAuthProvider,
 
@@ -15,6 +15,7 @@ export interface ExternalAuthProps {
   externalAuthPollingState: ExternalAuthPollingState;
   startPollingExternalAuth: () => void;
   error?: string;
+  message?: string;
 }
 
 export const ExternalAuth: FC<ExternalAuthProps> = (props) => {
@@ -26,8 +27,14 @@ export const ExternalAuth: FC<ExternalAuthProps> = (props) => {
     externalAuthPollingState,
     startPollingExternalAuth,
     error,
+    message,
   } = props;
 
+  const messageContent =
+    message ??
+    (authenticated
+      ? `Authenticated with ${displayName}`
+      : `Login with ${displayName}`);
   return (
     <Tooltip
       title={authenticated && `${displayName} has already been connected.`}
@@ -40,12 +47,14 @@ export const ExternalAuth: FC<ExternalAuthProps> = (props) => {
           variant="contained"
           size="large"
           startIcon={
-            <img
-              src={displayIcon}
-              alt={`${displayName} Icon`}
-              width={16}
-              height={16}
-            />
+            displayIcon && (
+              <img
+                src={displayIcon}
+                alt={`${displayName} Icon`}
+                width={16}
+                height={16}
+              />
+            )
           }
           disabled={authenticated}
           css={{ height: 52 }}
@@ -61,9 +70,7 @@ export const ExternalAuth: FC<ExternalAuthProps> = (props) => {
             startPollingExternalAuth();
           }}
         >
-          {authenticated
-            ? `Authenticated with ${displayName}`
-            : `Login with ${displayName}`}
+          {messageContent}
         </LoadingButton>
 
         {externalAuthPollingState === "abandoned" && (
Original file line number	Diff line number	Diff line change
`@@ -16,21 +16,28 @@ import (`
`16`	`16`	`"github.com/coder/coder/v2/provisionersdk/proto"`
`17`	`17`	`)`
`18`	`18`
`19`		`-func ExternalAuths(auths []database.ExternalAuthLink) []codersdk.ExternalAuthLink {`
	`19`	`+type ExternalAuthMeta struct {`
	`20`	`+ Authenticated bool`
	`21`	`+ ValidateError string`
	`22`	`+}`
	`23`	`+`
	`24`	`+func ExternalAuths(auths []database.ExternalAuthLink, meta map[string]ExternalAuthMeta) []codersdk.ExternalAuthLink {`
`20`	`25`	`out := make([]codersdk.ExternalAuthLink, 0, len(auths))`
`21`	`26`	`for _, auth := range auths {`
`22`		`- out = append(out, ExternalAuth(auth))`
	`27`	`+ out = append(out, ExternalAuth(auth, meta[auth.ProviderID]))`
`23`	`28`	`}`
`24`	`29`	`return out`
`25`	`30`	`}`
`26`	`31`
`27`		`-func ExternalAuth(auth database.ExternalAuthLink) codersdk.ExternalAuthLink {`
	`32`	`+func ExternalAuth(auth database.ExternalAuthLink, meta ExternalAuthMeta) codersdk.ExternalAuthLink {`
`28`	`33`	`return codersdk.ExternalAuthLink{`
`29`	`34`	`ProviderID: auth.ProviderID,`
`30`	`35`	`CreatedAt: auth.CreatedAt,`
`31`	`36`	`UpdatedAt: auth.UpdatedAt,`
`32`	`37`	`HasRefreshToken: auth.OAuthRefreshToken != "",`
`33`	`38`	`Expires: auth.OAuthExpiry,`
	`39`	`+ Authenticated: meta.Authenticated,`
	`40`	`+ ValidateError: meta.ValidateError,`
`34`	`41`	`}`
`35`	`42`	`}`
`36`	`43`
Original file line number	Diff line number	Diff line change
`@@ -76,6 +76,8 @@ type ExternalAuthLink struct {`
`76`	`76`	UpdatedAt time.Time `json:"updated_at" format:"date-time"`
`77`	`77`	HasRefreshToken bool `json:"has_refresh_token"`
`78`	`78`	Expires time.Time `json:"expires" format:"date-time"`
	`79`	+ Authenticated bool `json:"authenticated"`
	`80`	+ ValidateError string `json:"validate_error"`
`79`	`81`	`}`
`80`	`82`
`81`	`83`	`// ExternalAuthLinkProvider are the static details of a provider.`