fix: Allow custom Git OAuth URLs

kylecarbs · kylecarbs · commit 7d1246ea8b09 · 2022-10-26T03:22:44.000Z
Fixes an issue reported in Discord where custom endpoints
weren't working.
diff --git a/cli/deployment/config.go b/cli/deployment/config.go
@@ -462,14 +462,20 @@ func readSliceFromViper[T any](vip *viper.Viper, key string, value any) []T {
 			if prop == "-" {
 				prop = fve.Tag.Get("yaml")
 			}
-			value := vip.Get(fmt.Sprintf("%s.%d.%s", key, entry, prop))
+			configKey := fmt.Sprintf("%s.%d.%s", key, entry, prop)
+			value := vip.Get(configKey)
 			if value == nil {
 				continue
 			}
 			if instance == nil {
 				newType := reflect.Indirect(reflect.New(elementType))
 				instance = &newType
 			}
+			switch instance.Field(i).Type().String() {
+			case "[]string":
+				value = vip.GetStringSlice(configKey)
+			default:
+			}
 			instance.Field(i).Set(reflect.ValueOf(value))
 		}
 		if instance == nil {
diff --git a/cli/deployment/config_test.go b/cli/deployment/config_test.go
@@ -158,6 +158,7 @@ func TestConfig(t *testing.T) {
 			"CODER_GITAUTH_0_AUTH_URL":      "https://auth.com",
 			"CODER_GITAUTH_0_TOKEN_URL":     "https://token.com",
 			"CODER_GITAUTH_0_REGEX":         "github.com",
+			"CODER_GITAUTH_0_SCOPES":        "read write",
 
 			"CODER_GITAUTH_1_ID":            "another",
 			"CODER_GITAUTH_1_TYPE":          "gitlab",
@@ -177,6 +178,7 @@ func TestConfig(t *testing.T) {
 				AuthURL:      "https://auth.com",
 				TokenURL:     "https://token.com",
 				Regex:        "github.com",
+				Scopes:       []string{"read", "write"},
 			}, {
 				ID:           "another",
 				Type:         "gitlab",
diff --git a/coderd/gitauth/config.go b/coderd/gitauth/config.go
@@ -86,6 +86,16 @@ func ConvertConfig(entries []codersdk.GitAuthConfig, accessURL *url.URL) ([]*Con
 			Scopes:       scope[typ],
 		}
 
+		if entry.AuthURL != "" {
+			oauth2Config.Endpoint.AuthURL = entry.AuthURL
+		}
+		if entry.TokenURL != "" {
+			oauth2Config.Endpoint.TokenURL = entry.TokenURL
+		}
+		if entry.Scopes != nil && len(entry.Scopes) > 0 {
+			oauth2Config.Scopes = entry.Scopes
+		}
+
 		var oauthConfig httpmw.OAuth2Config = oauth2Config
 		// Azure DevOps uses JWT token authentication!
 		if typ == codersdk.GitProviderAzureDevops {
diff --git a/coderd/gitauth/config_test.go b/coderd/gitauth/config_test.go
@@ -75,4 +75,18 @@ func TestConvertYAML(t *testing.T) {
 			require.Equal(t, tc.Output, output)
 		})
 	}
+
+	t.Run("CustomScopesAndEndpoint", func(t *testing.T) {
+		t.Parallel()
+		config, err := gitauth.ConvertConfig([]codersdk.GitAuthConfig{{
+			Type:         codersdk.GitProviderGitLab,
+			ClientID:     "id",
+			ClientSecret: "secret",
+			AuthURL:      "https://auth.com",
+			TokenURL:     "https://token.com",
+			Scopes:       []string{"read"},
+		}}, &url.URL{})
+		require.NoError(t, err)
+		require.Equal(t, "https://auth.com?client_id=id&redirect_uri=%2Fgitauth%2Fgitlab%2Fcallback&response_type=code&scope=read", config[0].AuthCodeURL(""))
+	})
 }
diff --git a/codersdk/deploymentconfig.go b/codersdk/deploymentconfig.go
@@ -108,13 +108,14 @@ type TLSConfig struct {
 }
 
 type GitAuthConfig struct {
-	ID           string `json:"id"`
-	Type         string `json:"type"`
-	ClientID     string `json:"client_id"`
-	ClientSecret string `json:"-" yaml:"client_secret"`
-	AuthURL      string `json:"auth_url"`
-	TokenURL     string `json:"token_url"`
-	Regex        string `json:"regex"`
+	ID           string   `json:"id"`
+	Type         string   `json:"type"`
+	ClientID     string   `json:"client_id"`
+	ClientSecret string   `json:"-" yaml:"client_secret"`
+	AuthURL      string   `json:"auth_url"`
+	TokenURL     string   `json:"token_url"`
+	Regex        string   `json:"regex"`
+	Scopes       []string `json:"scopes"`
 }
 
 type Flaggable interface {

Original file line number	Diff line number	Diff line change
`@@ -462,14 +462,20 @@ func readSliceFromViper[T any](vip *viper.Viper, key string, value any) []T {`
`462`	`462`	`if prop == "-" {`
`463`	`463`	`prop = fve.Tag.Get("yaml")`
`464`	`464`	`}`
`465`		`- value := vip.Get(fmt.Sprintf("%s.%d.%s", key, entry, prop))`
	`465`	`+ configKey := fmt.Sprintf("%s.%d.%s", key, entry, prop)`
	`466`	`+ value := vip.Get(configKey)`
`466`	`467`	`if value == nil {`
`467`	`468`	`continue`
`468`	`469`	`}`
`469`	`470`	`if instance == nil {`
`470`	`471`	`newType := reflect.Indirect(reflect.New(elementType))`
`471`	`472`	`instance = &newType`
`472`	`473`	`}`
	`474`	`+ switch instance.Field(i).Type().String() {`
	`475`	`+ case "[]string":`
	`476`	`+ value = vip.GetStringSlice(configKey)`
	`477`	`+ default:`
	`478`	`+ }`
`473`	`479`	`instance.Field(i).Set(reflect.ValueOf(value))`
`474`	`480`	`}`
`475`	`481`	`if instance == nil {`