LImit oauth entry with FF

mustard-mh · mustard-mh · commit 0a147588a07d · 2024-07-19T06:25:53.000Z
diff --git a/components/server/src/oauth-server/db.ts b/components/server/src/oauth-server/db.ts
@@ -179,3 +179,5 @@ for (const clientId in inMemoryDatabase.clients) {
         inMemoryDatabase.scopes[scope.name] = scope;
     }
 }
+
+export const toolboxClient = toolbox;
diff --git a/components/server/src/oauth-server/oauth-controller.ts b/components/server/src/oauth-server/oauth-controller.ts
@@ -15,7 +15,8 @@ import { inject, injectable } from "inversify";
 import { URL } from "url";
 import { Config } from "../config";
 import { clientRepository, createAuthorizationServer } from "./oauth-authorization-server";
-import { inMemoryDatabase } from "./db";
+import { inMemoryDatabase, toolboxClient } from "./db";
+import { getExperimentsClientForBackend } from "@gitpod/gitpod-protocol/lib/experiments/configcat-server";
 
 @injectable()
 export class OAuthController {
@@ -147,6 +148,18 @@ export class OAuthController {
                 return;
             }
 
+            if (clientID === toolboxClient.id) {
+                const enableExperimentalJBTB = await getExperimentsClientForBackend().getValueAsync(
+                    "enable_experimental_jbtb",
+                    false,
+                    { user },
+                );
+                if (!enableExperimentalJBTB) {
+                    res.sendStatus(400);
+                    return false;
+                }
+            }
+
             const request = new OAuthRequest(req);
 
             try {

Original file line number	Diff line number	Diff line change
`@@ -179,3 +179,5 @@ for (const clientId in inMemoryDatabase.clients) {`
`179`	`179`	`inMemoryDatabase.scopes[scope.name] = scope;`
`180`	`180`	`}`
`181`	`181`	`}`
	`182`	`+`
	`183`	`+export const toolboxClient = toolbox;`