MCPcopy Index your code
hub / github.com/coder/coder / extractOAuth2ProviderAppBase

Function extractOAuth2ProviderAppBase

coderd/httpmw/oauth2.go:306–368  ·  view source on GitHub ↗

extractOAuth2ProviderAppBase is the internal implementation that uses the strategy pattern instead of a control flag to handle different error formats.

(db database.Store, errWriter errorWriter)

Source from the content-addressed store, hash-verified

304// extractOAuth2ProviderAppBase is the internal implementation that uses the strategy pattern
305// instead of a control flag to handle different error formats.
306func extractOAuth2ProviderAppBase(db database.Store, errWriter errorWriter) func(http.Handler) http.Handler {
307 return func(next http.Handler) http.Handler {
308 return http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
309 ctx := r.Context()
310
311 // App can come from a URL param, query param, or form value.
312 paramID := "app"
313 var appID uuid.UUID
314 if chi.URLParam(r, paramID) != "" {
315 var ok bool
316 appID, ok = ParseUUIDParam(rw, r, "app")
317 if !ok {
318 return
319 }
320 } else {
321 // If not provided by the url, then it is provided according to the
322 // oauth 2 spec. This can occur with query params, or in the body as
323 // form parameters.
324 // This also depends on if you are doing a POST (tokens) or GET (authorize).
325 paramAppID := r.URL.Query().Get("client_id")
326 if paramAppID == "" {
327 // Check the form params!
328 if r.ParseForm() == nil {
329 paramAppID = r.Form.Get("client_id")
330 }
331 }
332 if paramAppID == "" {
333 // RFC 6749 §2.3.1: confidential clients may authenticate via
334 // HTTP Basic where the username is the client_id.
335 if user, _, ok := r.BasicAuth(); ok && user != "" {
336 paramAppID = user
337 }
338 }
339 if paramAppID == "" {
340 errWriter.writeMissingClientID(ctx, rw)
341 return
342 }
343
344 var err error
345 appID, err = uuid.Parse(paramAppID)
346 if err != nil {
347 errWriter.writeInvalidClientID(ctx, rw, err)
348 return
349 }
350 }
351
352 app, err := db.GetOAuth2ProviderAppByID(ctx, appID)
353 if httpapi.Is404Error(err) {
354 errWriter.writeClientNotFound(ctx, rw)
355 return
356 }
357 if err != nil {
358 httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{
359 Message: "Internal error fetching OAuth2 app.",
360 Detail: err.Error(),
361 })
362 return
363 }

Calls 13

Is404ErrorFunction · 0.92
WriteFunction · 0.92
ParseUUIDParamFunction · 0.85
WithContextMethod · 0.80
ContextMethod · 0.65
GetMethod · 0.65
writeMissingClientIDMethod · 0.65
ParseMethod · 0.65
writeInvalidClientIDMethod · 0.65
writeClientNotFoundMethod · 0.65
ErrorMethod · 0.45

Tested by

no test coverage detected