Authorize coder workspace to access forwarded port urls

I'm working on OIDC between two applications and the user needs to be able to provide App A a url to App B that both App A and the user can use to access App B. The issue is my coder workspace is not authorized to access coder urls, so in order to do this I must make the App B url public. Is there a way to authorize the coder workspace to access the url for App B without making the url public?
9 Replies
Codercord
Codercord5mo ago
<#1278055706871861278>
Category
Help needed
Product
Coder OSS (v2)
Platform
Linux
Logs
Please post any relevant logs/error messages.
ShamesBond
ShamesBondOP5mo ago
I could locate these two apps on the same workspace, but still I'd need to have some custom logic that translates coder URIs into local URIs and I wouldn't want that code to land in poduction
bpmct
bpmct4mo ago
Hey, I think I'm following. Are users interacting with these apps via subdomain coder_apps? I imagine if they are port forwarding using VS Code desktop and both were localhost, this wouldn't be a problem?
bpmct
bpmct4mo ago
We have some docs on our support for CORS here https://coder.com/docs/networking/port-forwarding#cross-origin-resource-sharing-cors. Does any of this help?
Port Forwarding - Coder Docs
Learn how to forward ports in Coder
From An unknown user
From An unknown user
ShamesBond
ShamesBondOP4mo ago
I want workspace A to be able to request a coder share uri on workspace B without making the share uri public What I ultimately did is colocate the apps on one workspace so that I could proxy the share uri through my local webserver and avoid authenticating with coder
bpmct
bpmct4mo ago
Ah I see. yeah, we don't currently allow workspace->workspace connections unless you expose something on the infra layer and use internal networking
ShamesBond
ShamesBondOP4mo ago
That makes sense. It'd be nice if there were a proxy you could point urls at that would manage SSL, but self signed along with configuring tools to trust the cert wasn't the hardest thing
Phorcys
Phorcys4mo ago
@ShamesBond closing this one since you found a workaround -- though this seems like something that would be worth looking into! in this case if you couldn't colocate on the same workspace i'd recommend linking up both workspaces with a virtual network
Codercord
Codercord4mo ago
@Phorcys closed the thread.

Did you find this page helpful?