diff --git a/coderd/features_internal_test.go b/coderd/features_internal_test.go index b86eb30dc8d8c..d8480899c6d84 100644 --- a/coderd/features_internal_test.go +++ b/coderd/features_internal_test.go @@ -6,9 +6,10 @@ import ( "net/http/httptest" "testing" - "github.com/coder/coder/codersdk" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" + + "github.com/coder/coder/codersdk" ) func TestEntitlements(t *testing.T) { diff --git a/coderd/userauth.go b/coderd/userauth.go index 5e7654cd6a08f..865f2afeb90fa 100644 --- a/coderd/userauth.go +++ b/coderd/userauth.go @@ -241,6 +241,23 @@ func (api *API) userOAuth2Github(rw http.ResponseWriter, r *http.Request) { } } + if link.UserID != uuid.Nil { + link, err = api.Database.UpdateUserLink(ctx, database.UpdateUserLinkParams{ + UserID: user.ID, + LoginType: database.LoginTypeGithub, + OAuthAccessToken: state.Token.AccessToken, + OAuthRefreshToken: state.Token.RefreshToken, + OAuthExpiry: state.Token.Expiry, + }) + if err != nil { + httpapi.Write(rw, http.StatusInternalServerError, codersdk.Response{ + Message: "A database error occurred.", + Detail: fmt.Sprintf("update user link: %s", err.Error()), + }) + return + } + } + _, created := api.createAPIKey(rw, r, createAPIKeyParams{ UserID: user.ID, LoginType: database.LoginTypeGithub, @@ -432,6 +449,23 @@ func (api *API) userOIDC(rw http.ResponseWriter, r *http.Request) { } } + if link.UserID != uuid.Nil { + link, err = api.Database.UpdateUserLink(ctx, database.UpdateUserLinkParams{ + UserID: user.ID, + LoginType: database.LoginTypeOIDC, + OAuthAccessToken: state.Token.AccessToken, + OAuthRefreshToken: state.Token.RefreshToken, + OAuthExpiry: state.Token.Expiry, + }) + if err != nil { + httpapi.Write(rw, http.StatusInternalServerError, codersdk.Response{ + Message: "A database error occurred.", + Detail: fmt.Sprintf("update user link: %s", err.Error()), + }) + return + } + } + // If the upstream email or username has changed we should mirror // that in Coder. Many enterprises use a user's email/username as // security auditing fields so they need to stay synced.