shishantbiswas/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2026-06-03 13:08:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
2b59cfa7c53b75fca0ccf1f8d2a858fa4abc0e3d
coder/coderd
T
History
Eric Paulsen 5bd2a3f190 fix: conceal sensitive domain information in auth error messages (#17132) 
## Summary
- Removes exposure of allowed domain list in OIDC authentication error
messages
- Replaces detailed error messages with a generic message that doesn't
expose internal domains
- Adds "Please contact your administrator" to guide users seeking
assistance
- Addresses security concern where third-party contractors could see
internal domain information

## Test plan
- Test accessing Coder with an email that doesn't match allowed domains
- Verify error message no longer displays the list of authorized domains
- Verify message now includes guidance to contact administrator

Fixes issue related to domain information exposure during
authentication. Linked issue:
https://github.com/coder/coder/issues/17130

🤖 Generated with [Claude Code](https://claude.ai/code)
2025-03-27 13:41:01 +00:00
..
agentapi
chore: bump debounce from 5 minutes to 30 minutes (#17111)
2025-03-26 14:33:10 +00:00
agentmetrics
feat: make agent stats' cardinality configurable (#12535)
2024-03-13 12:03:36 +02:00
apidoc
feat(coderd): add webpush package (#17091)
2025-03-27 10:03:53 +00:00
apikey
chore: update golang to 1.24.1 (#17035)
2025-03-26 01:56:39 -05:00
appearance
fix: make cli respect deployment --docs-url (#14568)
2024-09-18 21:47:53 +10:00
audit
chore: update golang to 1.24.1 (#17035)
2025-03-26 01:56:39 -05:00
autobuild
chore: update golang to 1.24.1 (#17035)
2025-03-26 01:56:39 -05:00
awsidentity
fix: add new aws regions to instance identity (#10434)
2023-10-30 19:44:29 +00:00
azureidentity
chore: skip Azure TestExpiresSoon (#13385)
2024-05-28 16:45:41 +00:00
coderdtest
feat(coderd): add webpush package (#17091)
2025-03-27 10:03:53 +00:00
cryptokeys
fix(coderd/cryptokeys): relock mutex to avoid double unlock (#16802)
2025-03-04 17:10:12 +00:00
database
feat(coderd): add webpush package (#17091)
2025-03-27 10:03:53 +00:00
devtunnel
refactor: replace golang.org/x/exp/slices with slices (#16772)
2025-03-04 00:46:49 +11:00
entitlements
refactor: replace golang.org/x/exp/slices with slices (#16772)
2025-03-04 00:46:49 +11:00
externalauth
chore: update golang to 1.24.1 (#17035)
2025-03-26 01:56:39 -05:00
gitsshkey
healthcheck
chore: update golang to 1.24.1 (#17035)
2025-03-26 01:56:39 -05:00
httpapi
chore: update golang to 1.24.1 (#17035)
2025-03-26 01:56:39 -05:00
httpmw
chore: update golang to 1.24.1 (#17035)
2025-03-26 01:56:39 -05:00
identityprovider
chore: use rw.WriteHeader to write responses without bodies (#13870)
2024-07-11 13:38:33 -06:00
idpsync
chore: add prebuilds system user (#16916)
2025-03-25 12:18:06 +00:00
jwtutils
chore: replace github.com/go-jose/go-jose/v3 with v4 (#16031)
2025-01-03 11:21:49 -06:00
metricscache
chore: test metricscache on postgres (#16711)
2025-02-27 09:43:51 +00:00
notifications
chore: improve dormant workspace notification wording (#17100)
2025-03-26 15:54:03 +01:00
oauthpki
chore: prevent authentication of non-unique oidc subjects (#16498)
2025-02-10 09:31:08 -06:00
portsharing
fix: properly convert max port share level for oss (#13261)
2024-05-13 14:37:51 -04:00
prebuilds
chore: add prebuilds system user (#16916)
2025-03-25 12:18:06 +00:00
prometheusmetrics
chore: update golang to 1.24.1 (#17035)
2025-03-26 01:56:39 -05:00
promoauth
chore: add tx metrics and logs for serialization errors (#15215)
2024-10-25 12:14:15 -04:00
provisionerdserver
feat(agent): add devcontainer autostart support (#17076)
2025-03-27 12:31:30 +02:00
provisionerkey
chore: shorten provisioner key (#14017)
2024-07-25 16:08:12 -05:00
pubsub
feat(coderd): add inbox notifications endpoints (#16889)
2025-03-18 00:02:47 +01:00
rbac
feat(coderd): add webpush package (#17091)
2025-03-27 10:03:53 +00:00
render
feat: implement thin vertical slice of system-generated notifications (#13537)
2024-07-08 15:38:50 +02:00
runtimeconfig
feat: add endpoint for partial updates to org sync mapping (#16316)
2025-01-30 10:52:50 -07:00
schedule
chore: update golang to 1.24.1 (#17035)
2025-03-26 01:56:39 -05:00
searchquery
chore: update golang to 1.24.1 (#17035)
2025-03-26 01:56:39 -05:00
telemetry
chore: update golang to 1.24.1 (#17035)
2025-03-26 01:56:39 -05:00
testdata/insights
chore(coderd): extract fileszip to package archive for reuse (#15229)
2024-10-25 15:14:39 +01:00
tracing
chore: update golang to 1.24.1 (#17035)
2025-03-26 01:56:39 -05:00
unhanger
chore(testutil): add testutil.GoleakOptions (#16070)
2025-01-08 15:38:37 +00:00
updatecheck
chore: update golang to 1.24.1 (#17035)
2025-03-26 01:56:39 -05:00
userpassword
refactor: replace golang.org/x/exp/slices with slices (#16772)
2025-03-04 00:46:49 +11:00
util
chore: update golang to 1.24.1 (#17035)
2025-03-26 01:56:39 -05:00
webpush
feat(coderd): add webpush package (#17091)
2025-03-27 10:03:53 +00:00
workspaceapps
chore: update golang to 1.24.1 (#17035)
2025-03-26 01:56:39 -05:00
workspacestats
chore: update golang to 1.24.1 (#17035)
2025-03-26 01:56:39 -05:00
wsbuilder
feat: implement WorkspaceCreationBan org role (#16686)
2025-02-27 06:23:18 -05:00
wspubsub
chore: send workspace pubsub events by owner id (#14964)
2024-11-01 14:17:05 +11:00
activitybump_test.go
chore: add standard test logger ignoring db canceled (#15556)
2024-11-18 14:09:22 +04:00
apikey_test.go
fix: remove redundant flaking test (#14888)
2024-10-01 09:01:24 +00:00
apikey.go
chore: update golang to 1.24.1 (#17035)
2025-03-26 01:56:39 -05:00
apiroot.go
audit_internal_test.go
chore: add sql filter to fetching audit logs (#14070)
2024-08-01 12:07:19 -05:00
audit_test.go
feat: add workspace agent connect and app open audit types (#16493)
2025-02-17 13:02:30 +00:00
audit.go
chore: update golang to 1.24.1 (#17035)
2025-03-26 01:56:39 -05:00
authorize_test.go
chore: add built in organization roles to match site (#13938)
2024-07-19 15:44:18 -05:00
authorize.go
chore: authz 'any_org' to return if at least 1 org has perms (#14009)
2024-07-29 19:58:48 -05:00
client_test.go
coderd_internal_test.go
fix: handle urls with multiple slashes (#16527)
2025-02-12 09:23:28 +01:00
coderd_test.go
chore(testutil): add testutil.GoleakOptions (#16070)
2025-01-08 15:38:37 +00:00
coderd.go
feat(coderd): add webpush package (#17091)
2025-03-27 10:03:53 +00:00
csp.go
debug_test.go
chore(codersdk): move all tailscale imports out of codersdk (#12735)
2024-03-26 12:44:31 -05:00
debug.go
refactor: replace golang.org/x/exp/slices with slices (#16772)
2025-03-04 00:46:49 +11:00
deployment_test.go
fix(coderd): mark provisioner daemon psk as secret (#12322)
2024-02-27 16:33:32 +00:00
deployment.go
chore: remove rbac psuedo resources, add custom verbs (#13276)
2024-05-15 11:09:42 -05:00
deprecated.go
chore!: remove deprecated agent v1 routes (#13486)
2024-06-11 12:22:59 +10:00
experiments_test.go
feat: add all safe experiments to the deployment page (#10276)
2023-10-17 14:49:19 -04:00
experiments.go
feat: add all safe experiments to the deployment page (#10276)
2023-10-17 14:49:19 -04:00
externalauth_test.go
fix: limit OAuth redirects to local paths (#14585)
2024-09-10 15:58:50 +01:00
externalauth.go
fix: limit OAuth redirects to local paths (#14585)
2024-09-10 15:58:50 +01:00
files_test.go
fix: support windows specific zip mime type for template uploads (#15442)
2024-11-08 18:24:12 +11:00
files.go
fix: support windows specific zip mime type for template uploads (#15442)
2024-11-08 18:24:12 +11:00
gitsshkey_test.go
chore(coderd): allow creating workspaces without specifying an organization (#14048)
2024-07-30 10:44:02 -06:00
gitsshkey.go
inboxnotifications_test.go
feat(coderd): add format option to inbox notifications watch endpoint (#17034)
2025-03-21 16:41:13 +01:00
inboxnotifications.go
feat(coderd): add format option to inbox notifications watch endpoint (#17034)
2025-03-21 16:41:13 +01:00
insights_internal_test.go
test: skip tests affected by daylight savings issues (#16857)
2025-03-10 13:10:34 +01:00
insights_test.go
chore(Makefile): update golden files as part of make gen (#17039)
2025-03-21 13:04:30 +00:00
insights.go
chore: update golang to 1.24.1 (#17035)
2025-03-26 01:56:39 -05:00
latencycheck.go
members_test.go
chore: allow removing users from the default org (#14699)
2024-09-17 10:42:47 -05:00
members.go
chore: update golang to 1.24.1 (#17035)
2025-03-26 01:56:39 -05:00
notifications_test.go
feat(coderd): add new dispatch logic for coder inbox (#16764)
2025-03-05 22:43:18 +01:00
notifications.go
feat(coderd): add new dispatch logic for coder inbox (#16764)
2025-03-05 22:43:18 +01:00
oauth2_test.go
feat: make OAuth2 provider not enterprise-only (#12732)
2024-03-25 11:52:22 -08:00
oauth2.go
chore: use rw.WriteHeader to write responses without bodies (#13870)
2024-07-11 13:38:33 -06:00
organizations_test.go
chore: protect organization endpoints with license (#14001)
2024-07-25 16:07:53 -05:00
organizations.go
chore: implement filters for the organizations query (#14468)
2024-08-28 13:24:28 -05:00
pagination_internal_test.go
fix: improve pagination parser (#12422)
2024-03-05 14:05:15 +00:00
pagination.go
chore: implement sane default pagination limit for audit logs (#13676)
2024-06-28 07:38:04 -05:00
presets_test.go
fix(coderd): avoid fetching extra parameters for a preset (#16642)
2025-02-20 09:58:04 +02:00
presets.go
fix(coderd): avoid fetching extra parameters for a preset (#16642)
2025-02-20 09:58:04 +02:00
provisionerdaemons_test.go
fix: return provisioners in desc order and add limit to cli (#16720)
2025-02-26 21:06:51 +02:00
provisionerdaemons.go
feat(coderd/httpapi): add QueryParamParser.JSONStringMap (#16578)
2025-02-18 14:14:30 +00:00
provisionerjobs_internal_test.go
chore: migrate to coder/websocket 1.8.12 (#15898)
2024-12-19 00:51:30 +04:00
provisionerjobs_test.go
feat(coderd): add support for provisioner job id and tag filter (#16556)
2025-02-13 18:24:27 +02:00
provisionerjobs.go
feat(coderd/httpapi): add QueryParamParser.JSONStringMap (#16578)
2025-02-18 14:14:30 +00:00
roles_test.go
chore: protect organization endpoints with license (#14001)
2024-07-25 16:07:53 -05:00
roles.go
chore: refactor patch custom organization route to live in enterprise (#14099)
2024-08-05 13:42:11 -05:00
tailnet_test.go
chore: add standard test logger ignoring db canceled (#15556)
2024-11-18 14:09:22 +04:00
tailnet.go
chore: add test for coord rolling restart (#14680)
2024-11-20 18:04:33 +11:00
templates_test.go
chore: add standard test logger ignoring db canceled (#15556)
2024-11-18 14:09:22 +04:00
templates.go
chore: update golang to 1.24.1 (#17035)
2025-03-26 01:56:39 -05:00
templateversions_test.go
fix!: enforce regex for agent names (#16641)
2025-02-20 05:09:26 +00:00
templateversions.go
chore: update golang to 1.24.1 (#17035)
2025-03-26 01:56:39 -05:00
updatecheck_test.go
updatecheck.go
userauth_test.go
fix: conceal sensitive domain information in auth error messages (#17132)
2025-03-27 13:41:01 +00:00
userauth.go
fix: conceal sensitive domain information in auth error messages (#17132)
2025-03-27 13:41:01 +00:00
users_test.go
chore: add prebuilds system user (#16916)
2025-03-25 12:18:06 +00:00
users.go
chore: update golang to 1.24.1 (#17035)
2025-03-26 01:56:39 -05:00
webpush_test.go
feat(coderd): add webpush package (#17091)
2025-03-27 10:03:53 +00:00
webpush.go
feat(coderd): add webpush package (#17091)
2025-03-27 10:03:53 +00:00
workspaceagentportshare_test.go
chore: join owner, template, and org in new workspace view (#15116)
2024-10-22 09:20:54 -05:00
workspaceagentportshare.go
fix: properly convert max port share level for oss (#13261)
2024-05-13 14:37:51 -04:00
workspaceagents_test.go
chore: update golang to 1.24.1 (#17035)
2025-03-26 01:56:39 -05:00
workspaceagents.go
chore: update golang to 1.24.1 (#17035)
2025-03-26 01:56:39 -05:00
workspaceagentsrpc_internal_test.go
chore: migrate to coder/websocket 1.8.12 (#15898)
2024-12-19 00:51:30 +04:00
workspaceagentsrpc_test.go
fix: stop incrementing activity on empty agent stats (#15204)
2024-10-25 16:49:44 +00:00
workspaceagentsrpc.go
feat: add agentapi endpoint to report connections for audit (#16507)
2025-02-20 14:52:01 +02:00
workspaceapps_test.go
chore: add standard test logger ignoring db canceled (#15556)
2024-11-18 14:09:22 +04:00
workspaceapps.go
feat: enable key rotation (#15066)
2024-10-25 17:14:35 +01:00
workspacebuilds_test.go
refactor: replace golang.org/x/exp/slices with slices (#16772)
2025-03-04 00:46:49 +11:00
workspacebuilds.go
chore: update golang to 1.24.1 (#17035)
2025-03-26 01:56:39 -05:00
workspaceproxies_test.go
fix: allow ports in wildcard url configuration (#11657)
2024-01-18 09:44:05 -06:00
workspaceproxies.go
fix: allow ports in wildcard url configuration (#11657)
2024-01-18 09:44:05 -06:00
workspaceresourceauth_test.go
fix!: enforce regex for agent names (#16641)
2025-02-20 05:09:26 +00:00
workspaceresourceauth.go
workspaces_test.go
chore: update golang to 1.24.1 (#17035)
2025-03-26 01:56:39 -05:00
workspaces.go
fix: change notifications actions url (#17083)
2025-03-25 11:29:02 +01:00
workspaceupdates_test.go
chore: update golang to 1.24.1 (#17035)
2025-03-26 01:56:39 -05:00
workspaceupdates.go
chore: update golang to 1.24.1 (#17035)
2025-03-26 01:56:39 -05:00