MCPcopy Index your code
hub / github.com/coder/coder / extractAuthorizeParams

Function extractAuthorizeParams

coderd/oauth2provider/authorize.go:38–84  ·  view source on GitHub ↗
(r *http.Request, callbackURL *url.URL)

Source from the content-addressed store, hash-verified

36}
37
38func extractAuthorizeParams(r *http.Request, callbackURL *url.URL) (authorizeParams, []codersdk.ValidationError, error) {
39 p := httpapi.NewQueryParamParser()
40 vals := r.URL.Query()
41
42 // response_type and client_id are always required.
43 p.RequiredNotEmpty("response_type", "client_id")
44
45 params := authorizeParams{
46 clientID: p.String(vals, "", "client_id"),
47 redirectURL: p.RedirectURL(vals, callbackURL, "redirect_uri"),
48 redirectURIProvided: vals.Get("redirect_uri") != "",
49 responseType: httpapi.ParseCustom(p, vals, "", "response_type", httpapi.ParseEnum[codersdk.OAuth2ProviderResponseType]),
50 scope: strings.Fields(strings.TrimSpace(p.String(vals, "", "scope"))),
51 state: p.String(vals, "", "state"),
52 resource: p.String(vals, "", "resource"),
53 codeChallenge: p.String(vals, "", "code_challenge"),
54 codeChallengeMethod: p.String(vals, "", "code_challenge_method"),
55 }
56
57 // PKCE is required for authorization code flow requests.
58 if params.responseType == codersdk.OAuth2ProviderResponseTypeCode && params.codeChallenge == "" {
59 p.Errors = append(p.Errors, codersdk.ValidationError{
60 Field: "code_challenge",
61 Detail: `Query param "code_challenge" is required and cannot be empty`,
62 })
63 }
64
65 // Validate resource indicator syntax (RFC 8707): must be absolute URI without fragment
66 if err := validateResourceParameter(params.resource); err != nil {
67 p.Errors = append(p.Errors, codersdk.ValidationError{
68 Field: "resource",
69 Detail: "must be an absolute URI without fragment",
70 })
71 }
72
73 p.ErrorExcessParams(vals)
74 if len(p.Errors) > 0 {
75 // Create a readable error message with validation details
76 var errorDetails []string
77 for _, err := range p.Errors {
78 errorDetails = append(errorDetails, err.Error())
79 }
80 errorMsg := "Invalid query params: " + strings.Join(errorDetails, ", ")
81 return authorizeParams{}, p.Errors, xerrors.Errorf(errorMsg)
82 }
83 return params, nil, nil
84}
85
86// ShowAuthorizePage handles GET /oauth2/authorize requests to display the HTML authorization page.
87func ShowAuthorizePage(accessURL *url.URL) http.HandlerFunc {

Calls 11

RequiredNotEmptyMethod · 0.95
StringMethod · 0.95
RedirectURLMethod · 0.95
ErrorExcessParamsMethod · 0.95
NewQueryParamParserFunction · 0.92
ParseCustomFunction · 0.92
GetMethod · 0.65
FieldsMethod · 0.65
ErrorMethod · 0.45
ErrorfMethod · 0.45