chore: fix false positives in CodeQL (#17138)

Clears up some false positives being surfaced by CodeQL
Jon Ayers
2025-03-27 16:06:58 -05:00
committed by GitHub
parent e1f27a7137
commit eded0ed4b6
3 changed files with 6 additions and 10 deletions


@ -1100,6 +1100,7 @@ func (api *API) userOAuth2Github(rw http.ResponseWriter, r *http.Request) {
// We use AuthCodeURL from the OAuth2Config field instead of the one on
// GithubOAuth2Config because when device flow is configured, AuthCodeURL
// is overridden and returns a value that doesn't pass the URL check.
// codeql[go/constant-oauth2-state] -- We are solely using the AuthCodeURL from the OAuth2Config field in order to validate the hostname of the external auth provider.
if externalauth.IsGithubDotComURL(api.GithubOAuth2Config.OAuth2Config.AuthCodeURL("")) && user.GithubComUserID.Int64 != ghUser.GetID() {
err = api.Database.UpdateUserGithubComUserID(ctx, database.UpdateUserGithubComUserIDParams{
ID: user.ID,
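Review bot: The new `codeql[go/constant-oauth2-state]` suppression sits above the whole `if` condition, so it would also hide a later edit that lets the empty-state `AuthCodeURL("")` result reach a redirect. Binding the value to a local whose name states its purpose, for example `hostCheckURL := api.GithubOAuth2Config.OAuth2Config.AuthCodeURL("")`, with the suppression comment directly above that line, would keep the exemption on the one call that needs it. The comment could also say outright that this URL is never sent to a client, since that is what makes the constant state harmless. The body of userOAuth2Github starts and ends outside this hunk, so whether the actual login redirect uses a random state cannot be confirmed from here.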