DeviceLogin does the oauth2 device flow for external auth providers.
(t testing.TB, client *codersdk.Client, externalAuthID string)
| 731 | |
| 732 | // DeviceLogin does the oauth2 device flow for external auth providers. |
| 733 | func (*FakeIDP) DeviceLogin(t testing.TB, client *codersdk.Client, externalAuthID string) { |
| 734 | // First we need to initiate the device flow. This will have Coder hit the |
| 735 | // fake IDP and get a device code. |
| 736 | device, err := client.ExternalAuthDeviceByID(context.Background(), externalAuthID) |
| 737 | require.NoError(t, err) |
| 738 | |
| 739 | // Now the user needs to go to the fake IDP page and click "allow" and enter |
| 740 | // the device code input. For our purposes, we just send an http request to |
| 741 | // the verification url. No additional user input is needed. |
| 742 | ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitShort) |
| 743 | defer cancel() |
| 744 | resp, err := client.Request(ctx, http.MethodPost, device.VerificationURI, nil) |
| 745 | require.NoError(t, err) |
| 746 | defer resp.Body.Close() |
| 747 | |
| 748 | // Now we need to exchange the device code for an access token. We do this |
| 749 | // in this method because it is the user that does the polling for the device |
| 750 | // auth flow, not the backend. |
| 751 | err = client.ExternalAuthDeviceExchange(context.Background(), externalAuthID, codersdk.ExternalAuthDeviceExchange{ |
| 752 | DeviceCode: device.DeviceCode, |
| 753 | }) |
| 754 | require.NoError(t, err) |
| 755 | } |
| 756 | |
| 757 | // CreateAuthCode emulates a user clicking "allow" on the IDP page. When doing |
| 758 | // unit tests, it's easier to skip this step sometimes. It does make an actual |