CreateAppSecret returns an http.HandlerFunc that handles POST /oauth2-provider/apps/{app}/secrets
(db database.Store, auditor *audit.Auditor, logger slog.Logger)
| 41 | |
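// CreateAppSecret returns an http.HandlerFunc that handles POST /oauth2-provider/apps/{app}/secrets
//
// The handler generates a new client secret, inserts its prefix, its hash and
// a short display suffix for the app resolved by httpmw.OAuth2ProviderApp, and
// answers 201 with the full secret. The insert receives only the prefix, the
// hash and the display suffix, so the 201 body is the one place where this
// handler emits the complete plaintext secret. Generation and insert failures
// are answered with 500.
func CreateAppSecret(db database.Store, auditor *audit.Auditor, logger slog.Logger) http.HandlerFunc {
	// displaySecretLen is the number of trailing characters of the secret
	// that are stored for display.
	const displaySecretLen = 6

	return func(rw http.ResponseWriter, r *http.Request) {
		var (
			ctx               = r.Context()
			app               = httpmw.OAuth2ProviderApp(r)
			aReq, commitAudit = audit.InitRequest[database.OAuth2ProviderAppSecret](rw, &audit.RequestParams{
				Audit:   *auditor,
				Log:     logger,
				Request: r,
				Action:  database.AuditActionCreate,
			})
		)
		// Deferred so the audit request is committed on every return path,
		// including the error paths below.
		defer commitAudit()

		secret, err := GenerateSecret()
		if err != nil {
			// NOTE(review): Detail returns the raw error text to the client;
			// confirm that nothing sensitive can appear in it.
			httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{
				Message: "Failed to generate OAuth2 client secret.",
				Detail:  err.Error(),
			})
			return
		}

		// The display suffix is sliced from the end of the formatted secret.
		// GenerateSecret is not visible here, so refuse a value that is too
		// short instead of letting the slice expression panic.
		if len(secret.Formatted) < displaySecretLen {
			httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{
				Message: "Failed to generate OAuth2 client secret.",
				Detail:  "generated secret is shorter than the display suffix",
			})
			return
		}

		dbSecret, err := db.InsertOAuth2ProviderAppSecret(ctx, database.InsertOAuth2ProviderAppSecretParams{
			ID:           uuid.New(),
			CreatedAt:    dbtime.Now(),
			SecretPrefix: []byte(secret.Prefix),
			HashedSecret: secret.Hashed,
			// DisplaySecret is the last six characters of the original unhashed secret.
			// This is done so they can be differentiated and it matches how GitHub
			// displays their client secrets.
			DisplaySecret: secret.Formatted[len(secret.Formatted)-displaySecretLen:],
			AppID:         app.ID,
		})
		if err != nil {
			// NOTE(review): as above, the store error text is sent to the
			// client verbatim in Detail.
			httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{
				Message: "Internal error creating OAuth2 client secret.",
				Detail:  err.Error(),
			})
			return
		}

		// NOTE(review): dbSecret is the row returned by the insert, which was
		// given HashedSecret and SecretPrefix; confirm that the audit
		// configuration for this type does not record those fields in clear.
		aReq.New = dbSecret

		// The full secret is returned to the caller here; nothing above
		// stores it in a form that would let it be returned again.
		httpapi.Write(ctx, rw, http.StatusCreated, codersdk.OAuth2ProviderAppSecretFull{
			ID:               dbSecret.ID,
			ClientSecretFull: secret.Formatted,
		})
	}
}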
| 89 | |
| 90 | // DeleteAppSecret returns an http.HandlerFunc that handles DELETE /oauth2-provider/apps/{app}/secrets/{secretID} |
| 91 | func DeleteAppSecret(db database.Store, auditor *audit.Auditor, logger slog.Logger) http.HandlerFunc { |
no test coverage detected