fix(coderd): pass oauth configs to site (#8390)

coderd/coderd.go

@@ -299,19 +299,20 @@ func New(options *Options) *API {
 		},
 	)
 
+	oauthConfigs := &httpmw.OAuth2Configs{
+		Github: options.GithubOAuth2Config,
+		OIDC:   options.OIDCConfig,
+	}
+
 	staticHandler := site.New(&site.Options{
 		BinFS:         binFS,
 		BinHashes:     binHashes,
 		Database:      options.Database,
 		SiteFS:        site.FS(),
+		OAuth2Configs: oauthConfigs,
 	})
 	staticHandler.Experiments.Store(&experiments)
 
-	oauthConfigs := &httpmw.OAuth2Configs{
-		Github: options.GithubOAuth2Config,
-		OIDC:   options.OIDCConfig,
-	}
-
 	ctx, cancel := context.WithCancel(context.Background())
 	r := chi.NewRouter()
 

site/site.go

@@ -65,6 +65,7 @@ type Options struct {
 	BinHashes     map[string]string
 	Database      database.Store
 	SiteFS        fs.FS
+	OAuth2Configs *httpmw.OAuth2Configs
 }
 
 func New(opts *Options) *Handler {
@@ -292,6 +293,10 @@ func (h *Handler) renderHTMLWithState(rw http.ResponseWriter, r *http.Request, f
 	apiKey, actor, _ := httpmw.ExtractAPIKey(rw, r, httpmw.ExtractAPIKeyConfig{
 		Optional:      true,
 		DB:            h.opts.Database,
+		OAuth2Configs: h.opts.OAuth2Configs,
+		// Special case for site, we can always disable refresh here because
+		// the frontend will perform API requests if this fails.
+		DisableSessionExpiryRefresh: true,
 	})
 	if apiKey != nil && actor != nil {
 		ctx := dbauthz.As(r.Context(), actor.Actor)