gh pr checkout 7

Originally posted by @tigressma in #7 (comment)

I'm trying to create a CLI tool for internal use at my company that can access an internal repository in our GitHub Enterprise Cloud organization (we have SSO enabled). I can use this library to successfully create an access token for my account, but I can't use the access token to access my repository. Is it possible to request that the access token have SSO enabled programmatically so that I can use it to hit an internal repository, or would I be better off just asking my users to provide a personal access token with SSO already enabled?

According to the specs (https://datatracker.ietf.org/doc/html/rfc8628#section-3.2), the Device Authorization Response returns also an optional verification_uri_complete

   verification_uri_complete
      OPTIONAL.  A verification URI that includes the "user_code" (or
      other information with the same function as the "user_code"),
      which is designed for non-textual transmission.

It should be available in device.CodeResponse struct too.

Description

See bug report: cli/cli#9248

TL;DR: The current host parsing function is non-idiomatic and hides errors opening the possibility for panics. We can't change the existing function without a breaking change so we will introduce a new function with signature func NewHost(hostname string) (*Host, error).

@fingolfin Thats seems like a good idea. Will you make the PR ?

Once you have selected your values for your --json flag and made them pretty with --template, you can then pass your command through fzf for an interactive experience.

Take advantage of the environment variable GH_FORCE_TTY, to enable terminal-style output even when the output is redirected (see gh environment for more details about it).

Example:

Code

# .zshrc gh pr list command extended with fzf, see the man page (man fzf) for an explanation of the arguments.
function ghpr {
	[[ ! "$(git rev-parse --is-inside-work-tree)" ]] && return 1
	GH_COMMAND='gh pr list --state open --json number,author,additions,deletions,updatedAt,title --template "
	{{- tablerow (\"PR\" | color \"blue+b\") (\"LAST UPDATE\" | color \"blue+b\") (\"AUTHOR\" | color \"blue+b\") \"\" \"\" (\"TITLE\" | color \"blue+b\") -}}
	{{- range . -}}
		{{- tablerow (printf \"#%v\" .number | color \"green+h\") (timeago .updatedAt | color \"gray+h\") (.author.login | color \"cyan+h\") (printf \"+%v\" .additions | color \"green\") (printf \"-%v\" .deletions | color \"red\") .title -}}
	{{- end -}}" --search'
	FZF_DEFAULT_COMMAND="$GH_COMMAND ${1:-\"\"}" \
		GH_FORCE_TTY=100% fzf --ansi --disabled --no-multi --header-lines=1 \
		--header $'CTRL+B - Browser | CTRL+D - Toggle Diff  | CTRL+X - Checkout\nCTRL+E - Edit    | CTRL+I - Toggle Info  | CTRL+Y - Comment' \
		--prompt 'Search Open PRs >' --preview-window hidden:wrap \
		--layout=reverse --info=inline --no-multi \
		--bind "change:reload:sleep 0.25; $GH_COMMAND {q} || true" \
		--bind 'ctrl-b:execute-silent(gh pr view {1} --web)' \
		--bind 'ctrl-d:toggle-preview+change-preview(gh pr diff {1} --color always)' \
		--bind 'ctrl-i:toggle-preview+change-preview(gh pr view {1} --comments)' \
		--bind 'ctrl-e:accept+execute(gh pr edit {1})' \
		--bind 'ctrl-x:accept+execute(gh pr checkout {1})' \
		--bind 'ctrl-y:accept+execute(gh pr comment {1})'
}

GIF

In the example I used nano as editor to write the comment, but you can set your own with gh config set editor ....

Originally posted by @LangLangBart in cli/cli#6089 (comment)

Hi! Thanks for the pull request. Please ensure that this change is linked to an issue by mentioning an issue number in the description of the pull request. If this pull request would close the issue, please put the word 'Fixes' before the issue number somewhere in the pull request body. If this is a tiny change like fixing a typo, feel free to ignore this message.

Originally posted by @cliAutomation in cli/cli#3943 (comment)

I've been testing this library out with the device code flow feature in the Dex Authorization framework (https://github.com/dexidp/dex) and it doesn't seem to work properly.

After digging into the code a little bit, I realized that this library expects the response to be encoded as a form. If it does not receive a response in that form, it falls back to the webapp flow.

However, the official RFC for the Device Code flow explicitly expects a JSON response.

Would a PR that allows for both response types be welcome?

gh pr checkout 7

Originally posted by @tigressma in #7 (comment)

What's Changed

• pr merge: fix merge queue API access for PAT consumers by @mislav in cli/cli#5779
• Use go-gh repository.ParseWithHost by @samcoe in cli/cli#5655
• Use go-gh for SSH hostname alias translation by @samcoe in cli/cli#5654

Full Changelog: cli/cli@v2.12.0...v2.12.1

Originally posted by @github-actions[bot] in cli/cli#5780

On the device flow, add support to specify the message to be shown to the user.

On oauth_device.go, currently the messages are:
fmt.Fprintf(stdout, "First, copy your one-time code: %s\n", code.UserCode)
fmt.Fprint(stdout, "Then press [Enter] to continue in the web browser... ")

No worries. We'll try to add a test before this merges ✌️

Originally posted by @mislav in cli/cli#4285 (comment)

Note: I had erroneously committed to master instead of to a feature branch before creating this PR — I suppose that may be why I saw this message. Regardless, gh didn't help me figure this out, but instead confused me further; so I suppose the message could be clarified.

Originally posted by @waldyrious in cli/cli#2090 (comment)

What's Changed

• Support filtering PRs authored by GitHub Apps by @joshmgross in cli/cli#5180
• Alias list as ls for all commands by @CGA1123 in cli/cli#5214
• Change how gh-cli is installed on fedora by @Hanjingxue-Boling in cli/cli#5204
• gh auth login: added flags to partially automate flow by @jonathan-enf in cli/cli#5158
• Use StringEnumFlag helper in more places by @mislav in cli/cli#5221
• Misc. docs improvements by @mislav in cli/cli#5223
• 💅 Update triage.md by @mislav in cli/cli#5238
• Codespaces Create: Allow Accepting Permissions by @markphelps in cli/cli#5234
• Bump github.com/itchyny/gojq from 0.12.6 to 0.12.7 by @dependabot in cli/cli#5263
• Fix HexToRGB panic by @markphelps in cli/cli#5247
• Fix obtained scope mapping to include implied scopes by @mario-campos in cli/cli#5256

New Contributors

• @CGA1123 made their first contribution in cli/cli#5214
• @Hanjingxue-Boling made their first contribution in cli/cli#5204
• @jonathan-enf made their first contribution in cli/cli#5158
• @markphelps made their first contribution in cli/cli#5234
• @mario-campos made their first contribution in cli/cli#5256

Full Changelog: cli/cli@v2.5.1...v2.5.2

Originally posted by @github-actions[bot] in cli/cli#5265

This is kind of a nice issue, but in a console app I am working on the app intercepts the os SIGKILL/SIGINT signals to do all of its own graceful shutdown via context, but currently there is no way to cancel the loop in PollToken.

To make this cancelable, it would be nice to something like this into the loop there.

		select {
		case <-ctx.Done():
			return nil, ErrCanceled
		default:
			timeSleep(checkInterval)
		}

Then the function could be extended like a lot of packages with a second copy of the method, and context propagated down.

func PollTokenContext(ctx context.Context, c httpClient, pollURL string, clientID string, code *CodeResponse) (*api.AccessToken, error) {
... current implementation
}

func PollToken(c httpClient, pollURL string, clientID string, code *CodeResponse) (*api.AccessToken, error) {
  return PollTokenContext(context.Background(), c, pollURL, clientID, code)
}

The same thing could be done to DetectFlow, or it could be embbed within the flow struct so the outer api layout would change less.

Hey there! Thanks for making this oauth module, it's awesome!

Curious if there is interest in adding support for the Microsoft identity platform's OAuth device flow?

I took a quick look at what's needed, and I think potentially the "only" change would be to support a JSON response from the device code endpoint, currently it looks like we only handle form responses:

I think if it could accept JSON, then other OAuth servers, like Microsoft identity platform's, would come for free.

Thoughts?

#2659

Originally posted by @rgbg2498 in cli/cli#2184 (comment)

Hi, I apologize if I've just missed something in the documentation but, should our OAuth App Client IDs be kept secret? In the case of writing a headless app how should we distribute the Client IDs to the user's applications so that they can authenticate with GitHub? Is it best to write a server side relay that requests the tokens on the behalf of the CLI tool and then passes the resulting temporary code and token back to the user, so that the user never has access to the Client ID, or is it safe to embed the client ID in a distributed binary/source code? Thanks for your time.

SAMSUNG_globalcode_of_conduct_2020.pdf

Originally posted by @Lilmomma42 in cli/cli#4318 (comment)

oauth-0.8.0.tar.gz

Originally posted by @tigressma in #15 (comment)