MCPcopy Index your code
hub / github.com/coder/coder / resolveChatGitAccessToken

Method resolveChatGitAccessToken

coderd/exp_chats.go:4287–4381  ·  view source on GitHub ↗
(
	ctx context.Context,
	userID uuid.UUID,
	origin string,
)

Source from the content-addressed store, hash-verified

4285}
4286
4287func (api *API) resolveChatGitAccessToken(
4288 ctx context.Context,
4289 userID uuid.UUID,
4290 origin string,
4291) (*string, error) {
4292 origin = strings.TrimSpace(origin)
4293
4294 // If we have an origin, find the specific matching config first.
4295 // This ensures multi-provider setups (github.com + GHE) get the
4296 // correct token.
4297 if origin != "" {
4298 for _, config := range api.ExternalAuthConfigs {
4299 if config.Regex == nil || !config.Regex.MatchString(origin) {
4300 continue
4301 }
4302 //nolint:gocritic // System access needed to read external auth
4303 // links when called from the gitsync worker (chatd context).
4304 link, err := api.Database.GetExternalAuthLink(dbauthz.AsSystemRestricted(ctx),
4305 database.GetExternalAuthLinkParams{
4306 ProviderID: config.ID,
4307 UserID: userID,
4308 },
4309 )
4310 if err != nil {
4311 continue
4312 }
4313 //nolint:gocritic // System context carried through for token refresh.
4314 refreshed, refreshErr := config.RefreshToken(dbauthz.AsSystemRestricted(ctx), api.Database, link)
4315 if refreshErr == nil {
4316 link = refreshed
4317 }
4318 token := strings.TrimSpace(link.OAuthAccessToken)
4319 if token != "" {
4320 return ptr.Ref(token), nil
4321 }
4322 }
4323 }
4324
4325 // Fallback: iterate all external auth configs.
4326 // Used when origin is empty (inline refresh from HTTP handler)
4327 // or when the origin-specific lookup above failed.
4328 configs := make(map[string]*externalauth.Config)
4329 providerIDs := []string{}
4330 for _, config := range api.ExternalAuthConfigs {
4331 providerIDs = append(providerIDs, config.ID)
4332 configs[config.ID] = config
4333 }
4334
4335 seen := map[string]struct{}{}
4336 for _, providerID := range providerIDs {
4337 if _, ok := seen[providerID]; ok {
4338 continue
4339 }
4340 seen[providerID] = struct{}{}
4341
4342 //nolint:gocritic // System access needed to read external auth
4343 // links when called from the gitsync worker (chatd context).
4344 link, err := api.Database.GetExternalAuthLink(

Callers 2

Calls 5

AsSystemRestrictedFunction · 0.92
RefFunction · 0.92
GetExternalAuthLinkMethod · 0.65
RefreshTokenMethod · 0.65
ErrorMethod · 0.45

Tested by

no test coverage detected