fix(coderd): pass oauth configs to site (#8390)

coderd/coderd.go

@@ -299,19 +299,20 @@ func New(options *Options) *API {
 		},
 	)
 
-	staticHandler := site.New(&site.Options{
-		BinFS:     binFS,
-		BinHashes: binHashes,
-		Database:  options.Database,
-		SiteFS:    site.FS(),
-	})
-	staticHandler.Experiments.Store(&experiments)
-
 	oauthConfigs := &httpmw.OAuth2Configs{
 		Github: options.GithubOAuth2Config,
 		OIDC:   options.OIDCConfig,
 	}
 
+	staticHandler := site.New(&site.Options{
+		BinFS:         binFS,
+		BinHashes:     binHashes,
+		Database:      options.Database,
+		SiteFS:        site.FS(),
+		OAuth2Configs: oauthConfigs,
+	})
+	staticHandler.Experiments.Store(&experiments)
+
 	ctx, cancel := context.WithCancel(context.Background())
 	r := chi.NewRouter()
 

site/site.go

@@ -61,10 +61,11 @@ func init() {
 }
 
 type Options struct {
-	BinFS     http.FileSystem
+	BinFS         http.FileSystem
-	BinHashes map[string]string
+	BinHashes     map[string]string
-	Database  database.Store
+	Database      database.Store
-	SiteFS    fs.FS
+	SiteFS        fs.FS
+	OAuth2Configs *httpmw.OAuth2Configs
 }
 
 func New(opts *Options) *Handler {
@@ -290,8 +291,12 @@ func (h *Handler) renderHTMLWithState(rw http.ResponseWriter, r *http.Request, f
 	// Cookies are sent when requesting HTML, so we can get the user
 	// and pre-populate the state for the frontend to reduce requests.
 	apiKey, actor, _ := httpmw.ExtractAPIKey(rw, r, httpmw.ExtractAPIKeyConfig{
-		Optional: true,
+		Optional:      true,
-		DB:       h.opts.Database,
+		DB:            h.opts.Database,
+		OAuth2Configs: h.opts.OAuth2Configs,
+		// Special case for site, we can always disable refresh here because
+		// the frontend will perform API requests if this fails.
+		DisableSessionExpiryRefresh: true,
 	})
 	if apiKey != nil && actor != nil {
 		ctx := dbauthz.As(r.Context(), actor.Actor)