Skip to content

Commit 005c014

Browse files
EmyrkEmyrk
authored
chore: instrument additional github api calls (#11824)
* chore: instrument additional githubapi calls This only affects github as a login source, not external auth.
1 parent e371716 commit 005c014

File tree

2 files changed

+37
-23
lines changed

2 files changed

+37
-23
lines changed

cli/server.go

Lines changed: 25 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -1773,12 +1773,6 @@ func configureGithubOAuth2(instrument *promoauth.Factory, accessURL *url.URL, cl
17731773
Slug: parts[1],
17741774
})
17751775
}
1776-
createClient := func(client *http.Client) (*github.Client, error) {
1777-
if enterpriseBaseURL != "" {
1778-
return github.NewEnterpriseClient(enterpriseBaseURL, "", client)
1779-
}
1780-
return github.NewClient(client), nil
1781-
}
17821776

17831777
endpoint := xgithub.Endpoint
17841778
if enterpriseBaseURL != "" {
@@ -1800,40 +1794,50 @@ func configureGithubOAuth2(instrument *promoauth.Factory, accessURL *url.URL, cl
18001794
}
18011795
}
18021796

1797+
instrumentedOauth := instrument.NewGithub("github-login", &oauth2.Config{
1798+
ClientID: clientID,
1799+
ClientSecret: clientSecret,
1800+
Endpoint: endpoint,
1801+
RedirectURL: redirectURL.String(),
1802+
Scopes: []string{
1803+
"read:user",
1804+
"read:org",
1805+
"user:email",
1806+
},
1807+
})
1808+
1809+
createClient := func(client *http.Client, source promoauth.Oauth2Source) (*github.Client, error) {
1810+
client = instrumentedOauth.InstrumentHTTPClient(client, source)
1811+
if enterpriseBaseURL != "" {
1812+
return github.NewEnterpriseClient(enterpriseBaseURL, "", client)
1813+
}
1814+
return github.NewClient(client), nil
1815+
}
1816+
18031817
return &coderd.GithubOAuth2Config{
1804-
OAuth2Config: instrument.NewGithub("github-login", &oauth2.Config{
1805-
ClientID: clientID,
1806-
ClientSecret: clientSecret,
1807-
Endpoint: endpoint,
1808-
RedirectURL: redirectURL.String(),
1809-
Scopes: []string{
1810-
"read:user",
1811-
"read:org",
1812-
"user:email",
1813-
},
1814-
}),
1818+
OAuth2Config: instrumentedOauth,
18151819
AllowSignups: allowSignups,
18161820
AllowEveryone: allowEveryone,
18171821
AllowOrganizations: allowOrgs,
18181822
AllowTeams: allowTeams,
18191823
AuthenticatedUser: func(ctx context.Context, client *http.Client) (*github.User, error) {
1820-
api, err := createClient(client)
1824+
api, err := createClient(client, promoauth.SourceGitAPIAuthUser)
18211825
if err != nil {
18221826
return nil, err
18231827
}
18241828
user, _, err := api.Users.Get(ctx, "")
18251829
return user, err
18261830
},
18271831
ListEmails: func(ctx context.Context, client *http.Client) ([]*github.UserEmail, error) {
1828-
api, err := createClient(client)
1832+
api, err := createClient(client, promoauth.SourceGitAPIListEmails)
18291833
if err != nil {
18301834
return nil, err
18311835
}
18321836
emails, _, err := api.Users.ListEmails(ctx, &github.ListOptions{})
18331837
return emails, err
18341838
},
18351839
ListOrganizationMemberships: func(ctx context.Context, client *http.Client) ([]*github.Membership, error) {
1836-
api, err := createClient(client)
1840+
api, err := createClient(client, promoauth.SourceGitAPIOrgMemberships)
18371841
if err != nil {
18381842
return nil, err
18391843
}
@@ -1846,7 +1850,7 @@ func configureGithubOAuth2(instrument *promoauth.Factory, accessURL *url.URL, cl
18461850
return memberships, err
18471851
},
18481852
TeamMembership: func(ctx context.Context, client *http.Client, org, teamSlug, username string) (*github.Membership, error) {
1849-
api, err := createClient(client)
1853+
api, err := createClient(client, promoauth.SourceGitAPITeamMemberships)
18501854
if err != nil {
18511855
return nil, err
18521856
}

coderd/promoauth/oauth2.go

Lines changed: 12 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -19,6 +19,11 @@ const (
1919
SourceTokenSource Oauth2Source = "TokenSource"
2020
SourceAppInstallations Oauth2Source = "AppInstallations"
2121
SourceAuthorizeDevice Oauth2Source = "AuthorizeDevice"
22+
23+
SourceGitAPIAuthUser Oauth2Source = "GitAPIAuthUser"
24+
SourceGitAPIListEmails Oauth2Source = "GitAPIListEmails"
25+
SourceGitAPIOrgMemberships Oauth2Source = "GitAPIOrgMemberships"
26+
SourceGitAPITeamMemberships Oauth2Source = "GitAPITeamMemberships"
2227
)
2328

2429
// OAuth2Config exposes a subset of *oauth2.Config functions for easier testing.
@@ -209,6 +214,12 @@ func (c *Config) TokenSource(ctx context.Context, token *oauth2.Token) oauth2.To
209214
return c.underlying.TokenSource(c.wrapClient(ctx, SourceTokenSource), token)
210215
}
211216

217+
func (c *Config) InstrumentHTTPClient(hc *http.Client, source Oauth2Source) *http.Client {
218+
// The new tripper will instrument every request made by the oauth2 client.
219+
hc.Transport = newInstrumentedTripper(c, source, hc.Transport)
220+
return hc
221+
}
222+
212223
// wrapClient is the only way we can accurately instrument the oauth2 client.
213224
// This is because method calls to the 'OAuth2Config' interface are not 1:1 with
214225
// network requests.
@@ -229,8 +240,7 @@ func (c *Config) oauthHTTPClient(ctx context.Context, source Oauth2Source) *http
229240
cli = hc
230241
}
231242

232-
// The new tripper will instrument every request made by the oauth2 client.
233-
cli.Transport = newInstrumentedTripper(c, source, cli.Transport)
243+
cli = c.InstrumentHTTPClient(cli, source)
234244
return cli
235245
}
236246

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy