Skip to content

feat(docs): add documentation for HTTP OAuth #1805

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
toddbaert merged 8 commits into from
Oct 6, 2025
Merged

feat(docs): add documentation for HTTP OAuth #1805

toddbaert merged 8 commits into from
Oct 6, 2025

Conversation

@thisthat
Copy link
Member

@thisthat thisthat commented Sep 29, 2025

This PR

Related Issues

Fixes #1785

@thisthat thisthat requested review from a team as code owners September 29, 2025 05:23
@netlify
Copy link

netlify bot commented Sep 29, 2025
edited
Loading

Deploy Preview for polite-licorice-3db33c ready!

Name Link
🔨 Latest commit 3e54a92
🔍 Latest deploy log https://app.netlify.com/projects/polite-licorice-3db33c/deploys/68e3e71cf134b500088931be
😎 Deploy Preview https://deploy-preview-1805--polite-licorice-3db33c.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@dosubot dosubot bot added the size:M This PR changes 30-99 lines, ignoring generated files. label Sep 29, 2025
@gemini-code-assist
Copy link
Contributor

gemini-code-assist bot commented Sep 29, 2025

Summary of Changes

Hello @thisthat, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request introduces comprehensive documentation for configuring HTTP OAuth authentication within flagd. It outlines the necessary parameters for enabling OAuth to securely retrieve feature flag configurations from HTTP endpoints, including examples for direct secret configuration and a more secure approach for Kubernetes environments using filesystem-based secrets with rotation capabilities.

Highlights

  • HTTP OAuth Documentation: Adds comprehensive documentation for configuring HTTP OAuth authentication within flagd, enabling secure fetching of feature flags from HTTP endpoints.
  • OAuth Configuration Examples: Provides detailed examples for configuring OAuth, including direct specification of client ID and client secret, as well as a method for managing secrets via the filesystem in Kubernetes environments.
  • Secret Rotation Support: Introduces documentation for the ReloadDelayS parameter, which facilitates the rotation of filesystem-based secrets without requiring a flagd restart.
Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature Command Description
Code Review /gemini review Performs a code review for the current pull request in its current state.
Pull Request Summary /gemini summary Provides a summary of the current pull request in its current state.
Comment @gemini-code-assist Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help /gemini help Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

  1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution.

gemini-code-assist[bot]
gemini-code-assist bot reviewed Sep 29, 2025
View reviewed changes
Copy link
Contributor

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request adds documentation for using OAuth with the HTTP sync provider. The documentation is a good addition, but I've found a couple of issues: a typo and inconsistent parameter naming in the description, and an inconsistent data type in a code example. My review includes suggestions to correct these for better clarity and accuracy.

@thisthat thisthat mentioned this pull request Sep 29, 2025
Merged
alexandraoberaigner
alexandraoberaigner approved these changes Oct 1, 2025
View reviewed changes
Copy link
Contributor

@alexandraoberaigner alexandraoberaigner left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Docs which are easy to understand 😎 👍 added just some nits/thoughts

@beeme1mr beeme1mr requested a review from toddbaert October 3, 2025 18:30
toddbaert added a commit that referenced this pull request Oct 6, 2025
@thisthat @renovate
@toddbaert @aepfli @chrfwow
feat: Add OAuth support for HTTP Sync (#1791)
268fd75 
<!-- Please use this template for your pull request. -->
<!-- Please use the sections that you need and delete other sections -->

## This PR

- adds support for OAuth in the HTTP Sync

### Related Issues
<!-- add here the GitHub issue that this PR resolves if applicable -->

Addresses #1785

### Notes

Properly testing this via unit tests is not possible. The HTTP Sync is
built by the `syncbuilder` pkg. This entails that testing any behavior
of the HTTP Sync can only be possible as part of the `syncbuilder`
module, which IMHO doesn't make much sense.

### Follow-up Tasks

Add documentation for the new properties used in the HTTP Sync. 
Available here: #1805


### How to test
<!-- if applicable, add testing instructions under this section -->

Manually create a small mockup server that handles OAuth requests

```go

func (h *OAuthHandler) Authorize(w http.ResponseWriter, r *http.Request) {

	reqDump, _ := httputil.DumpRequest(r, true)
	fmt.Printf("GOT OAUTH REQUEST:\n%s", string(reqDump))

	w.WriteHeader(http.StatusOK)
	w.Header().Set("Content-Type", "application/x-www-form-urlencoded")
	w.Write([]byte("access_token=mocktoken&scope=mockscope&token_type=bearer"))
}
```

Afterwards, start flagd pointing to the mockup server:

```
go run main.go start --sources='[{ "uri": "http://localhost:8180/flags", "provider": "http", "interval": 1, "bearerToken": "it-will-be-overridden", "oauthConfig": { "clientID": "test", "clientSecret": "test", "tokenUrl": "http://localhost:8180/oauth" }}]'
```

The HTTP request to `http://localhost:8180/flags` will contain the HTTP
Header `Authorization: Bearer mocktoken`.

---------

Signed-off-by: Todd Baert <[email protected]>
Signed-off-by: Giovanni Liva <[email protected]>
Signed-off-by: Simon Schrottner <[email protected]>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Todd Baert <[email protected]>
Co-authored-by: Simon Schrottner <[email protected]>
Co-authored-by: chrfwow <[email protected]>
thisthat and others added 8 commits October 6, 2025 11:58
@thisthat @toddbaert
feat(docs): add documentation for HTTP OAuth
52f0664 
Signed-off-by: Giovanni Liva <[email protected]>
@thisthat @toddbaert
feat(docs): lint
6e26f6c 
Signed-off-by: Giovanni Liva <[email protected]>
@thisthat @toddbaert
correct string->int
8b600cf 
Signed-off-by: Giovanni Liva <[email protected]>
@aepfli @gemini-code-assist @toddbaert
Apply suggestion from @gemini-code-assist[bot]
5761aa4 
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Signed-off-by: Simon Schrottner <[email protected]>
@thisthat @alexandraoberaigner @toddbaert
Apply suggestions from code review
eb900ff 
Co-authored-by: alexandraoberaigner <[email protected]>
Signed-off-by: Giovanni Liva <[email protected]>
@toddbaert @alexandraoberaigner
Apply suggestion from @alexandraoberaigner
9613614 
Co-authored-by: alexandraoberaigner <[email protected]>
Signed-off-by: Todd Baert <[email protected]>
@toddbaert @alexandraoberaigner
Apply suggestion from @alexandraoberaigner
83fbc90 
Co-authored-by: alexandraoberaigner <[email protected]>
Signed-off-by: Todd Baert <[email protected]>
@toddbaert
fixup: lint
3e54a92 
Signed-off-by: Todd Baert <[email protected]>
@toddbaert toddbaert merged commit 7c6d465 into main Oct 6, 2025
11 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@alexandraoberaigner alexandraoberaigner alexandraoberaigner approved these changes

@aepfli aepfli aepfli approved these changes

@toddbaert toddbaert toddbaert approved these changes

+1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

size:M This PR changes 30-99 lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[FEATURE] Add OAuth2 client credentials flow authorization scheme

5 participants

@thisthat @aepfli @toddbaert @alexandraoberaigner