Skip to content

Commit c650133

Browse files
ThomasK33ThomasK33
authored
refactor: move OAuth2 provider code to dedicated package (#18746)
# Refactor OAuth2 Provider Code into Dedicated Package This PR refactors the OAuth2 provider functionality by moving it from the main `coderd` package into a dedicated `oauth2provider` package. The change improves code organization and maintainability without changing functionality. Key changes: - Created a new `oauth2provider` package to house all OAuth2 provider-related code - Moved existing OAuth2 provider functionality from `coderd/identityprovider` to the new package - Refactored handler functions to follow a consistent pattern of returning `http.HandlerFunc` instead of being handlers directly - Split large files into smaller, more focused files organized by functionality: - `app_secrets.go` - Manages OAuth2 application secrets - `apps.go` - Handles OAuth2 application CRUD operations - `authorize.go` - Implements the authorization flow - `metadata.go` - Provides OAuth2 metadata endpoints - `registration.go` - Handles dynamic client registration - `revoke.go` - Implements token revocation - `secrets.go` - Manages secret generation and validation - `tokens.go` - Handles token issuance and validation This refactoring improves code organization and makes the OAuth2 provider functionality more maintainable while preserving all existing behavior.
1 parent 7fbb3ce commit c650133

File tree

17 files changed

+1095
-981
lines changed

17 files changed

+1095
-981
lines changed

coderd/coderd.go

Lines changed: 16 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -19,6 +19,7 @@ import (
1919
"sync/atomic"
2020
"time"
2121

22+
"github.com/coder/coder/v2/coderd/oauth2provider"
2223
"github.com/coder/coder/v2/coderd/prebuilds"
2324

2425
"github.com/andybalholm/brotli"
@@ -913,9 +914,9 @@ func New(options *Options) *API {
913914
}
914915

915916
// OAuth2 metadata endpoint for RFC 8414 discovery
916-
r.Get("/.well-known/oauth-authorization-server", api.oauth2AuthorizationServerMetadata)
917+
r.Get("/.well-known/oauth-authorization-server", api.oauth2AuthorizationServerMetadata())
917918
// OAuth2 protected resource metadata endpoint for RFC 9728 discovery
918-
r.Get("/.well-known/oauth-protected-resource", api.oauth2ProtectedResourceMetadata)
919+
r.Get("/.well-known/oauth-protected-resource", api.oauth2ProtectedResourceMetadata())
919920

920921
// OAuth2 linking routes do not make sense under the /api/v2 path. These are
921922
// for an external application to use Coder as an OAuth2 provider, not for
@@ -952,17 +953,17 @@ func New(options *Options) *API {
952953
})
953954

954955
// RFC 7591 Dynamic Client Registration - Public endpoint
955-
r.Post("/register", api.postOAuth2ClientRegistration)
956+
r.Post("/register", api.postOAuth2ClientRegistration())
956957

957958
// RFC 7592 Client Configuration Management - Protected by registration access token
958959
r.Route("/clients/{client_id}", func(r chi.Router) {
959960
r.Use(
960961
// Middleware to validate registration access token
961-
api.requireRegistrationAccessToken,
962+
oauth2provider.RequireRegistrationAccessToken(api.Database),
962963
)
963-
r.Get("/", api.oauth2ClientConfiguration) // Read client configuration
964-
r.Put("/", api.putOAuth2ClientConfiguration) // Update client configuration
965-
r.Delete("/", api.deleteOAuth2ClientConfiguration) // Delete client
964+
r.Get("/", api.oauth2ClientConfiguration()) // Read client configuration
965+
r.Put("/", api.putOAuth2ClientConfiguration()) // Update client configuration
966+
r.Delete("/", api.deleteOAuth2ClientConfiguration()) // Delete client
966967
})
967968
})
968969

@@ -1479,22 +1480,22 @@ func New(options *Options) *API {
14791480
httpmw.RequireExperimentWithDevBypass(api.Experiments, codersdk.ExperimentOAuth2),
14801481
)
14811482
r.Route("/apps", func(r chi.Router) {
1482-
r.Get("/", api.oAuth2ProviderApps)
1483-
r.Post("/", api.postOAuth2ProviderApp)
1483+
r.Get("/", api.oAuth2ProviderApps())
1484+
r.Post("/", api.postOAuth2ProviderApp())
14841485

14851486
r.Route("/{app}", func(r chi.Router) {
14861487
r.Use(httpmw.ExtractOAuth2ProviderApp(options.Database))
1487-
r.Get("/", api.oAuth2ProviderApp)
1488-
r.Put("/", api.putOAuth2ProviderApp)
1489-
r.Delete("/", api.deleteOAuth2ProviderApp)
1488+
r.Get("/", api.oAuth2ProviderApp())
1489+
r.Put("/", api.putOAuth2ProviderApp())
1490+
r.Delete("/", api.deleteOAuth2ProviderApp())
14901491

14911492
r.Route("/secrets", func(r chi.Router) {
1492-
r.Get("/", api.oAuth2ProviderAppSecrets)
1493-
r.Post("/", api.postOAuth2ProviderAppSecret)
1493+
r.Get("/", api.oAuth2ProviderAppSecrets())
1494+
r.Post("/", api.postOAuth2ProviderAppSecret())
14941495

14951496
r.Route("/{secretID}", func(r chi.Router) {
14961497
r.Use(httpmw.ExtractOAuth2ProviderAppSecret(options.Database))
1497-
r.Delete("/", api.deleteOAuth2ProviderAppSecret)
1498+
r.Delete("/", api.deleteOAuth2ProviderAppSecret())
14981499
})
14991500
})
15001501
})

0 commit comments

Comments
 (0)