From 8147494dd0c88d9205fbf36413cd16bac1c6623d Mon Sep 17 00:00:00 2001 From: ffais Date: Thu, 1 Aug 2024 11:24:48 +0200 Subject: [PATCH 1/2] feat: add owner_oidc_refresh_token to coder_workspace_owner data source Signed-off-by: ffais --- provider/workspace_owner.go | 8 ++++++++ provider/workspace_owner_test.go | 4 ++++ 2 files changed, 12 insertions(+) diff --git a/provider/workspace_owner.go b/provider/workspace_owner.go index 13e36187..72fbd9b7 100644 --- a/provider/workspace_owner.go +++ b/provider/workspace_owner.go @@ -52,6 +52,7 @@ func workspaceOwnerDataSource() *schema.Resource { _ = rd.Set("session_token", os.Getenv("CODER_WORKSPACE_OWNER_SESSION_TOKEN")) _ = rd.Set("oidc_access_token", os.Getenv("CODER_WORKSPACE_OWNER_OIDC_ACCESS_TOKEN")) + _ = rd.Set("oidc_refresh_token", os.Getenv("CODER_WORKSPACE_OWNER_OIDC_REFRESH_TOKEN")) return nil }, @@ -107,6 +108,13 @@ func workspaceOwnerDataSource() *schema.Resource { "This is only available if the workspace owner authenticated with OpenID Connect. " + "If a valid token cannot be obtained, this value will be an empty string.", }, + "oidc_refresh_token": { + Type: schema.TypeString, + Computed: true, + Description: "A valid OpenID Connect refresh token of the workspace owner. Can be used to refresh access token if expired " + + "This is only available if the workspace owner authenticated with OpenID Connect. " + + "If a valid refresh token cannot be obtained, this value will be an empty string.", + }, }, } } diff --git a/provider/workspace_owner_test.go b/provider/workspace_owner_test.go index 90839cfc..33c86a82 100644 --- a/provider/workspace_owner_test.go +++ b/provider/workspace_owner_test.go @@ -35,6 +35,7 @@ func TestWorkspaceOwnerDatasource(t *testing.T) { t.Setenv("CODER_WORKSPACE_OWNER_GROUPS", `["group1", "group2"]`) t.Setenv("CODER_WORKSPACE_OWNER_SESSION_TOKEN", `supersecret`) t.Setenv("CODER_WORKSPACE_OWNER_OIDC_ACCESS_TOKEN", `alsosupersecret`) + t.Setenv("CODER_WORKSPACE_OWNER_OIDC_REFRESH_TOKEN", `alsosupersecretrefresh`) resource.Test(t, resource.TestCase{ Providers: map[string]*schema.Provider{ @@ -63,6 +64,7 @@ func TestWorkspaceOwnerDatasource(t *testing.T) { assert.Equal(t, `group2`, attrs["groups.1"]) assert.Equal(t, `supersecret`, attrs["session_token"]) assert.Equal(t, `alsosupersecret`, attrs["oidc_access_token"]) + assert.Equal(t, `alsosupersecretrefresh`, attrs["oidc_refresh_token"]) return nil }, }}, @@ -80,6 +82,7 @@ func TestWorkspaceOwnerDatasource(t *testing.T) { "CODER_WORKSPACE_OWNER_OIDC_ACCESS_TOKEN", "CODER_WORKSPACE_OWNER_SSH_PUBLIC_KEY", "CODER_WORKSPACE_OWNER_SSH_PRIVATE_KEY", + "CODER_WORKSPACE_OWNER_OIDC_REFRESH_TOKEN", } { // https://github.com/golang/go/issues/52817 t.Setenv(v, "") os.Unsetenv(v) @@ -111,6 +114,7 @@ func TestWorkspaceOwnerDatasource(t *testing.T) { assert.Empty(t, attrs["groups.0"]) assert.Empty(t, attrs["session_token"]) assert.Empty(t, attrs["oidc_access_token"]) + assert.Empty(t, attrs["oidc_refresh_token"]) return nil }, }}, From 0b49c27f6aa9aa206008e38c7bd811ec00175171 Mon Sep 17 00:00:00 2001 From: ffais Date: Mon, 12 Aug 2024 12:49:05 +0200 Subject: [PATCH 2/2] fix: build docs Signed-off-by: ffais --- docs/data-sources/workspace_owner.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/data-sources/workspace_owner.md b/docs/data-sources/workspace_owner.md index 1c64ea50..b2e922e2 100644 --- a/docs/data-sources/workspace_owner.md +++ b/docs/data-sources/workspace_owner.md @@ -52,6 +52,7 @@ resource "coder_env" "git_author_email" { - `id` (String) The UUID of the workspace owner. - `name` (String) The username of the user. - `oidc_access_token` (String) A valid OpenID Connect access token of the workspace owner. This is only available if the workspace owner authenticated with OpenID Connect. If a valid token cannot be obtained, this value will be an empty string. +- `oidc_refresh_token` (String) A valid OpenID Connect refresh token of the workspace owner. Can be used to refresh access token if expired This is only available if the workspace owner authenticated with OpenID Connect. If a valid refresh token cannot be obtained, this value will be an empty string. - `session_token` (String) Session token for authenticating with a Coder deployment. It is regenerated every time a workspace is started. - `ssh_private_key` (String, Sensitive) The user's generated SSH private key. - `ssh_public_key` (String) The user's generated SSH public key.