shishantbiswas/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2026-06-03 04:58:23 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
6ff657f0901e70daf278410eec96d0de79aa798d
coder/coderd/externalauth
T
History
Garrett Delfosse 1a078790b1 fix(coderd/externalauth): save refreshed token before validation (#24332) (backport to 2.31) (#24899) 
Backport of https://github.com/coder/coder/pull/24332 to `release/2.31`.

Moves the `UpdateExternalAuthLink` call to immediately after
`TokenSource.Token()` succeeds (before validation). GitHub rotates
refresh tokens on use, so if post-refresh validation fails (e.g.
rate-limited 403), the new token was previously silently discarded,
forcing manual re-authentication.

Original PR: #24332
Merge commit: 2a1984f0e8

**Note:** This branch includes the cherry-pick of #22904 (optimistic
locking) as a prerequisite since #24332's tests depend on it. The #22904
backport PR is #24902. Once that merges, the overlapping commit in this
PR will be a no-op.

Cherry-picks applied cleanly with no conflicts.

> Generated by Coder Agents

---------

Co-authored-by: Kyle Carberry <kyle@coder.com>
Co-authored-by: Mathias Fredriksson <mafredri@gmail.com>
2026-05-01 14:51:22 -04:00
..
externalauth_internal_test.go
feat!: support PKCE in the oauth2 client's auth/exchange flow (#21215)
2025-12-15 17:41:47 +00:00
externalauth_test.go
fix(coderd/externalauth): save refreshed token before validation (#24332) (backport to 2.31) (#24899)
2026-05-01 14:51:22 -04:00
externalauth.go
fix(coderd/externalauth): save refreshed token before validation (#24332) (backport to 2.31) (#24899)
2026-05-01 14:51:22 -04:00