MCPcopy Index your code
hub / github.com/coder/coder / mcpServerOAuth2Callback

Method mcpServerOAuth2Callback

coderd/mcp.go:967–1139  ·  view source on GitHub ↗

@Summary Handle MCP server OAuth2 callback @x-apidocgen {"skip": true} EXPERIMENTAL: this endpoint is experimental and is subject to change. Exchanges the authorization code for tokens and stores them. nolint:revive // HTTP handler writes to ResponseWriter.

(rw http.ResponseWriter, r *http.Request)

Source from the content-addressed store, hash-verified

965//
966//nolint:revive // HTTP handler writes to ResponseWriter.
967func (api *API) mcpServerOAuth2Callback(rw http.ResponseWriter, r *http.Request) {
968 ctx := r.Context()
969 apiKey := httpmw.APIKey(r)
970
971 mcpServerID, ok := parseMCPServerConfigID(rw, r)
972 if !ok {
973 return
974 }
975
976 //nolint:gocritic // Any authenticated user can complete OAuth2 for an enabled MCP server.
977 config, err := api.Database.GetMCPServerConfigByID(dbauthz.AsSystemRestricted(ctx), mcpServerID)
978 if err != nil {
979 if httpapi.Is404Error(err) {
980 httpapi.ResourceNotFound(rw)
981 return
982 }
983 httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{
984 Message: "Failed to get MCP server config.",
985 Detail: err.Error(),
986 })
987 return
988 }
989
990 if !config.Enabled {
991 httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{
992 Message: "MCP server is not enabled.",
993 })
994 return
995 }
996
997 if config.AuthType != "oauth2" {
998 httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{
999 Message: "MCP server does not use OAuth2 authentication.",
1000 })
1001 return
1002 }
1003
1004 // Check if the OAuth2 provider returned an error (e.g., user
1005 // denied consent).
1006 if oauthError := r.URL.Query().Get("error"); oauthError != "" {
1007 desc := r.URL.Query().Get("error_description")
1008 if desc == "" {
1009 desc = oauthError
1010 }
1011 httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{
1012 Message: "OAuth2 provider returned an error.",
1013 Detail: desc,
1014 })
1015 return
1016 }
1017
1018 code := r.URL.Query().Get("code")
1019 if code == "" {
1020 httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{
1021 Message: "Missing authorization code.",
1022 })
1023 return
1024 }

Callers

nothing calls this directly

Calls 15

ExchangeMethod · 0.95
APIKeyFunction · 0.92
AsSystemRestrictedFunction · 0.92
Is404ErrorFunction · 0.92
ResourceNotFoundFunction · 0.92
WriteFunction · 0.92
parseMCPServerConfigIDFunction · 0.85
ContextMethod · 0.65
GetMethod · 0.65
ApplyMethod · 0.65

Tested by

no test coverage detected