chore: instrument additional github api calls (#11824)

* chore: instrument additional githubapi calls

This only affects github as a login source, not external auth.
Steven Masley
2024-01-25 18:34:46 -06:00
committed by GitHub
parent e371716b38
commit 005c014f13
2 changed files with 37 additions and 23 deletions


@ -1773,12 +1773,6 @@ func configureGithubOAuth2(instrument *promoauth.Factory, accessURL *url.URL, cl
Slug: parts[1], Slug: parts[1],
}) })
} }
createClient := func(client *http.Client) (*github.Client, error) {
if enterpriseBaseURL != "" {
return github.NewEnterpriseClient(enterpriseBaseURL, "", client)
}
return github.NewClient(client), nil
}
endpoint := xgithub.Endpoint endpoint := xgithub.Endpoint
if enterpriseBaseURL != "" { if enterpriseBaseURL != "" {
@ -1800,24 +1794,34 @@ func configureGithubOAuth2(instrument *promoauth.Factory, accessURL *url.URL, cl
} }
} }
instrumentedOauth := instrument.NewGithub("github-login", &oauth2.Config{
ClientID: clientID,
ClientSecret: clientSecret,
Endpoint: endpoint,
RedirectURL: redirectURL.String(),
Scopes: []string{
"read:user",
"read:org",
"user:email",
},
})
createClient := func(client *http.Client, source promoauth.Oauth2Source) (*github.Client, error) {
client = instrumentedOauth.InstrumentHTTPClient(client, source)
if enterpriseBaseURL != "" {
return github.NewEnterpriseClient(enterpriseBaseURL, "", client)
}
return github.NewClient(client), nil
}
return &coderd.GithubOAuth2Config{ return &coderd.GithubOAuth2Config{
OAuth2Config: instrument.NewGithub("github-login", &oauth2.Config{ OAuth2Config: instrumentedOauth,
ClientID: clientID,
ClientSecret: clientSecret,
Endpoint: endpoint,
RedirectURL: redirectURL.String(),
Scopes: []string{
"read:user",
"read:org",
"user:email",
},
}),
AllowSignups: allowSignups, AllowSignups: allowSignups,
AllowEveryone: allowEveryone, AllowEveryone: allowEveryone,
AllowOrganizations: allowOrgs, AllowOrganizations: allowOrgs,
AllowTeams: allowTeams, AllowTeams: allowTeams,
AuthenticatedUser: func(ctx context.Context, client *http.Client) (*github.User, error) { AuthenticatedUser: func(ctx context.Context, client *http.Client) (*github.User, error) {
api, err := createClient(client) api, err := createClient(client, promoauth.SourceGitAPIAuthUser)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -1825,7 +1829,7 @@ func configureGithubOAuth2(instrument *promoauth.Factory, accessURL *url.URL, cl
return user, err return user, err
}, },
ListEmails: func(ctx context.Context, client *http.Client) ([]*github.UserEmail, error) { ListEmails: func(ctx context.Context, client *http.Client) ([]*github.UserEmail, error) {
api, err := createClient(client) api, err := createClient(client, promoauth.SourceGitAPIListEmails)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -1833,7 +1837,7 @@ func configureGithubOAuth2(instrument *promoauth.Factory, accessURL *url.URL, cl
return emails, err return emails, err
}, },
ListOrganizationMemberships: func(ctx context.Context, client *http.Client) ([]*github.Membership, error) { ListOrganizationMemberships: func(ctx context.Context, client *http.Client) ([]*github.Membership, error) {
api, err := createClient(client) api, err := createClient(client, promoauth.SourceGitAPIOrgMemberships)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -1846,7 +1850,7 @@ func configureGithubOAuth2(instrument *promoauth.Factory, accessURL *url.URL, cl
return memberships, err return memberships, err
}, },
TeamMembership: func(ctx context.Context, client *http.Client, org, teamSlug, username string) (*github.Membership, error) { TeamMembership: func(ctx context.Context, client *http.Client, org, teamSlug, username string) (*github.Membership, error) {
api, err := createClient(client) api, err := createClient(client, promoauth.SourceGitAPITeamMemberships)
if err != nil { if err != nil {
return nil, err return nil, err
} }
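Review bot: The new `createClient` closure passes the caller's `*http.Client` to `instrumentedOauth.InstrumentHTTPClient`, which (in the second file of this commit) assigns `hc.Transport` in place, so every callback rewraps the caller's own client. If the login handler passes one client to `AuthenticatedUser`, `ListEmails`, `ListOrganizationMemberships` and `TeamMembership` in turn (the call sites are not on this page), the trippers stack. A later request would then likely be recorded under each earlier source label as well, skewing the per-source GitHub API metrics an operator would use for rate-limit or abuse monitoring. Instrumenting a shallow copy avoids that: `cp := *client` followed by `client = instrumentedOauth.InstrumentHTTPClient(&cp, source)`. `configureGithubOAuth2` starts and ends outside these hunks.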


@ -19,6 +19,11 @@ const (
SourceTokenSource Oauth2Source = "TokenSource" SourceTokenSource Oauth2Source = "TokenSource"
SourceAppInstallations Oauth2Source = "AppInstallations" SourceAppInstallations Oauth2Source = "AppInstallations"
SourceAuthorizeDevice Oauth2Source = "AuthorizeDevice" SourceAuthorizeDevice Oauth2Source = "AuthorizeDevice"
SourceGitAPIAuthUser Oauth2Source = "GitAPIAuthUser"
SourceGitAPIListEmails Oauth2Source = "GitAPIListEmails"
SourceGitAPIOrgMemberships Oauth2Source = "GitAPIOrgMemberships"
SourceGitAPITeamMemberships Oauth2Source = "GitAPITeamMemberships"
) )
// OAuth2Config exposes a subset of *oauth2.Config functions for easier testing. // OAuth2Config exposes a subset of *oauth2.Config functions for easier testing.
@ -209,6 +214,12 @@ func (c *Config) TokenSource(ctx context.Context, token *oauth2.Token) oauth2.To
return c.underlying.TokenSource(c.wrapClient(ctx, SourceTokenSource), token) return c.underlying.TokenSource(c.wrapClient(ctx, SourceTokenSource), token)
} }
func (c *Config) InstrumentHTTPClient(hc *http.Client, source Oauth2Source) *http.Client {
// The new tripper will instrument every request made by the oauth2 client.
hc.Transport = newInstrumentedTripper(c, source, hc.Transport)
return hc
}
// wrapClient is the only way we can accurately instrument the oauth2 client. // wrapClient is the only way we can accurately instrument the oauth2 client.
// This is because method calls to the 'OAuth2Config' interface are not 1:1 with // This is because method calls to the 'OAuth2Config' interface are not 1:1 with
// network requests. // network requests.
@ -229,8 +240,7 @@ func (c *Config) oauthHTTPClient(ctx context.Context, source Oauth2Source) *http
cli = hc cli = hc
} }
// The new tripper will instrument every request made by the oauth2 client. cli = c.InstrumentHTTPClient(cli, source)
cli.Transport = newInstrumentedTripper(c, source, cli.Transport)
return cli return cli
} }
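Review bot: `InstrumentHTTPClient` is exported but has no doc comment, and its contract is not obvious from the signature: it overwrites `hc.Transport` on the client it is given and returns that same pointer. I would add `// InstrumentHTTPClient wraps hc.Transport with a round tripper that instruments every request under source. It modifies hc in place and returns it; hc must not be nil.` above the method. Callers outside this package can now reach the `hc.Transport` assignment with whatever client they hold, and go-github's constructors accept a nil client, so a guard such as `if hc == nil { hc = &http.Client{} }` before the assignment would keep that case from panicking on the login path.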