1 files changed, 19 insertions, 2 deletions

diff --git a/app/controllers/ide_controller.rb b/app/controllers/ide_controller.rb
index 4cc943ac252..4a4d41f3e6f 100644
--- a/app/controllers/ide_controller.rb
+++ b/app/controllers/ide_controller.rb
@@ -5,7 +5,8 @@ class IdeController < ApplicationController
   include StaticObjectExternalStorageCSP
   include Gitlab::Utils::StrongMemoize
 
-  before_action :authorize_read_project!
+  before_action :authorize_read_project!, only: [:index]
+  before_action :ensure_web_ide_oauth_application!, only: [:index]
 
   before_action do
     push_frontend_feature_flag(:build_service_proxy)
@@ -24,7 +25,17 @@ class IdeController < ApplicationController
       @fork_info = fork_info(project, params[:branch])
     end
 
-    render layout: 'fullscreen', locals: { minimal: helpers.use_new_web_ide? }
+    render layout: helpers.use_new_web_ide? ? 'fullscreen' : 'application'
+  end
+
+  def oauth_redirect
+    return render_404 unless ::Gitlab::WebIde::DefaultOauthApplication.feature_enabled?(current_user)
+    # TODO - It's **possible** we end up here and no oauth application has been set up.
+    # We need to have better handling of these edge cases. Here's a follow-up issue:
+    # https://gitlab.com/gitlab-org/gitlab/-/issues/433322
+    return render_404 unless ::Gitlab::WebIde::DefaultOauthApplication.oauth_application
+
+    render layout: 'fullscreen', locals: { minimal: true }
   end
 
   private
@@ -33,6 +44,12 @@ class IdeController < ApplicationController
     render_404 unless can?(current_user, :read_project, project)
   end
 
+  def ensure_web_ide_oauth_application!
+    return unless ::Gitlab::WebIde::DefaultOauthApplication.feature_enabled?(current_user)
+
+    ::Gitlab::WebIde::DefaultOauthApplication.ensure_oauth_application!
+  end
+
   def fork_info(project, branch)
     return if can?(current_user, :push_code, project)