Module: Legion::Extensions::Github::CLI::Auth

Includes:
Helpers::Client
Defined in:
lib/legion/extensions/github/cli/auth.rb

Constant Summary

Constants included from Helpers::Client

Helpers::Client::CREDENTIAL_RESOLVERS

Constants included from Helpers::TokenCache

Helpers::TokenCache::TOKEN_BUFFER_SECONDS

Instance Method Summary collapse

Methods included from Helpers::Client

#connection, #gh_cli_token_output, #max_fallback_retries, #on_rate_limit, #on_scope_authorized, #on_scope_denied, #resolve_broker_app, #resolve_credential, #resolve_env, #resolve_gh_cli, #resolve_next_credential, #resolve_settings_app, #resolve_settings_delegated, #resolve_settings_pat, #resolve_vault_app, #resolve_vault_delegated, #resolve_vault_pat

Methods included from Helpers::ScopeRegistry

#credential_fingerprint, #invalidate_scope, #mark_rate_limited, #rate_limited?, #register_scope, #scope_status

Methods included from Helpers::TokenCache

#fetch_token, #mark_rate_limited, #rate_limited?, #store_token

Instance Method Details

#login(client_id: nil, client_secret: nil, scopes: nil) ⇒ Object 



13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
 
# File 'lib/legion/extensions/github/cli/auth.rb', line 13

def (client_id: nil, client_secret: nil, scopes: nil, **)
  cid = client_id || settings_client_id
  csec = client_secret || settings_client_secret
  sc = scopes || settings_scopes

  unless cid
    return { error:       'missing_config',
             description: 'Set github.oauth.client_id or github.app.client_id in settings' }
  end

  browser = Helpers::BrowserAuth.new(client_id: cid, client_secret: csec, scopes: sc)
  result = browser.authenticate

  if result[:result]&.dig('access_token') && respond_to?(:store_oauth_token, true)
    user = begin
      current_user(token: result[:result]['access_token'])
    rescue StandardError => _e
      'default'
    end
    store_oauth_token(
      user:          user,
      access_token:  result[:result]['access_token'],
      refresh_token: result[:result]['refresh_token'],
      expires_in:    result[:result]['expires_in']
    )
  end

  result
end

#statusObject 



43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
 
# File 'lib/legion/extensions/github/cli/auth.rb', line 43

def status(**)
  cred = resolve_credential
  return { result: { authenticated: false } } unless cred

   = {}
  scopes = nil

  begin
    response = connection(token: cred[:token]).get('/user')
     = response.body || {}
    headers = response.respond_to?(:headers) ? response.headers : {}
    scopes_header = headers['X-OAuth-Scopes'] || headers['x-oauth-scopes']
    scopes = scopes_header&.split(',')&.map(&:strip)
  rescue StandardError => _e
     = {}
    scopes = nil
  end

  { result: { authenticated: true, auth_type: cred[:auth_type],
              user: ['login'], scopes: scopes } }
end