MCPcopy Index your code
hub / github.com/coder/coder / configureGithubOAuth2

Function configureGithubOAuth2

cli/server.go:2181–2316  ·  view source on GitHub ↗
(instrument *promoauth.Factory, params *githubOAuth2ConfigParams)

Source from the content-addressed store, hash-verified

2179}
2180
2181func configureGithubOAuth2(instrument *promoauth.Factory, params *githubOAuth2ConfigParams) (*coderd.GithubOAuth2Config, error) {
2182 redirectURL, err := params.accessURL.Parse("/api/v2/users/oauth2/github/callback")
2183 if err != nil {
2184 return nil, xerrors.Errorf("parse github oauth callback url: %w", err)
2185 }
2186 if params.allowEveryone && len(params.allowOrgs) > 0 {
2187 return nil, xerrors.New("allow everyone and allowed orgs cannot be used together")
2188 }
2189 if params.allowEveryone && len(params.rawTeams) > 0 {
2190 return nil, xerrors.New("allow everyone and allowed teams cannot be used together")
2191 }
2192 if !params.allowEveryone && len(params.allowOrgs) == 0 {
2193 return nil, xerrors.New("allowed orgs is empty: must specify at least one org or allow everyone")
2194 }
2195 allowTeams := make([]coderd.GithubOAuth2Team, 0, len(params.rawTeams))
2196 for _, rawTeam := range params.rawTeams {
2197 parts := strings.SplitN(rawTeam, "/", 2)
2198 if len(parts) != 2 {
2199 return nil, xerrors.Errorf("github team allowlist is formatted incorrectly. got %s; wanted <organization>/<team>", rawTeam)
2200 }
2201 allowTeams = append(allowTeams, coderd.GithubOAuth2Team{
2202 Organization: parts[0],
2203 Slug: parts[1],
2204 })
2205 }
2206
2207 endpoint := xgithub.Endpoint
2208 if params.enterpriseBaseURL != "" {
2209 enterpriseURL, err := url.Parse(params.enterpriseBaseURL)
2210 if err != nil {
2211 return nil, xerrors.Errorf("parse enterprise base url: %w", err)
2212 }
2213 authURL, err := enterpriseURL.Parse("/login/oauth/authorize")
2214 if err != nil {
2215 return nil, xerrors.Errorf("parse enterprise auth url: %w", err)
2216 }
2217 tokenURL, err := enterpriseURL.Parse("/login/oauth/access_token")
2218 if err != nil {
2219 return nil, xerrors.Errorf("parse enterprise token url: %w", err)
2220 }
2221 endpoint = oauth2.Endpoint{
2222 AuthURL: authURL.String(),
2223 TokenURL: tokenURL.String(),
2224 }
2225 }
2226
2227 instrumentedOauth := instrument.NewGithub("github-login", &oauth2.Config{
2228 ClientID: params.clientID,
2229 ClientSecret: params.clientSecret,
2230 Endpoint: endpoint,
2231 RedirectURL: redirectURL.String(),
2232 Scopes: []string{
2233 "read:user",
2234 "read:org",
2235 "user:email",
2236 },
2237 })
2238

Callers 1

ServerMethod · 0.85

Calls 9

ExchangeDeviceCodeMethod · 0.95
AuthorizeDeviceMethod · 0.95
NewGithubMethod · 0.80
InstrumentHTTPClientMethod · 0.80
ParseMethod · 0.65
NewMethod · 0.65
GetMethod · 0.65
ErrorfMethod · 0.45
StringMethod · 0.45

Tested by

no test coverage detected