Affected by GO-2024-3228 and 2 other vulnerabilities

GO-2024-3228: Coder vulnerable to post-auth URL redirection to untrusted site ('Open Redirect') in github.com/coder/coder

GO-2025-3921: Coder accepts an APIKey beyond the linked OIDC expiry if there is no refresh token in github.com/coder/coder

GO-2025-3938: Coder vulnerable to privilege escalation could lead to a cross workspace compromise in github.com/coder/coder

The highest tagged major version is v2.

apikey

package

v0.23.5 Latest Latest Go to latest Published: May 19, 2023 License: AGPL-3.0 Imports: 10 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/coder/coder

Links

Open Source Insights

Documentation ¶

Index ¶

func Generate(params CreateParams) (database.InsertAPIKeyParams, string, error)
type CreateParams

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func Generate ¶

func Generate(params CreateParams) (database.InsertAPIKeyParams, string, error)

Generate generates an API key, returning the key as a string as well as the database representation. It is the responsibility of the caller to insert it into the database.

Types ¶

type CreateParams ¶

type CreateParams struct {
	UserID           uuid.UUID
	LoginType        database.LoginType
	DeploymentValues *codersdk.DeploymentValues

	// Optional.
	ExpiresAt       time.Time
	LifetimeSeconds int64
	Scope           database.APIKeyScope
	TokenName       string
	RemoteAddr      string
}

Source Files ¶

View all Source files

apikey.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL