From 93bc3892697c32ea609ac057f4df22abe3dc468e Mon Sep 17 00:00:00 2001 From: Ryan Nystrom Date: Thu, 15 Oct 2020 22:04:18 +0000 Subject: [PATCH 1/2] Add scopes flag to login --- pkg/cmd/auth/login/login.go | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/pkg/cmd/auth/login/login.go b/pkg/cmd/auth/login/login.go index bd02ed9e40e..7ded3056bc8 100644 --- a/pkg/cmd/auth/login/login.go +++ b/pkg/cmd/auth/login/login.go @@ -27,6 +27,7 @@ type LoginOptions struct { Interactive bool Hostname string + Scopes []string Token string Web bool } @@ -50,6 +51,9 @@ func NewCmdLogin(f *cmdutil.Factory, runF func(*LoginOptions) error) *cobra.Comm Alternatively, pass in a token on standard input by using %[1]s--with-token%[1]s. The minimum required scopes for the token are: "repo", "read:org". + + The --scopes flag accepts a comma separated list of scopes you want your gh credentials to have. If + absent, this command ensures that gh has access to a minimum set of scopes. `, "`"), Example: heredoc.Doc(` # start interactive setup @@ -104,6 +108,7 @@ func NewCmdLogin(f *cmdutil.Factory, runF func(*LoginOptions) error) *cobra.Comm } cmd.Flags().StringVarP(&opts.Hostname, "hostname", "h", "", "The hostname of the GitHub instance to authenticate with") + cmd.Flags().StringSliceVarP(&opts.Scopes, "scopes", "s", nil, "Additional authentication scopes for gh to have") cmd.Flags().BoolVar(&tokenStdin, "with-token", false, "Read token from standard input") cmd.Flags().BoolVarP(&opts.Web, "web", "w", false, "Open a browser to authenticate") @@ -223,7 +228,7 @@ func loginRun(opts *LoginOptions) error { } if authMode == 0 { - _, err := authflow.AuthFlowWithConfig(cfg, hostname, "", []string{}) + _, err := authflow.AuthFlowWithConfig(cfg, hostname, "", opts.Scopes) if err != nil { return fmt.Errorf("failed to authenticate via web browser: %w", err) } From 02883a89e3a9b28e3de50f4fffecffff93fb7096 Mon Sep 17 00:00:00 2001 From: Ryan Nystrom Date: Fri, 16 Oct 2020 15:58:07 +0000 Subject: [PATCH 2/2] add tests --- pkg/cmd/auth/login/login_test.go | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/pkg/cmd/auth/login/login_test.go b/pkg/cmd/auth/login/login_test.go index 0abfeb7e3aa..9a6b5aa8b70 100644 --- a/pkg/cmd/auth/login/login_test.go +++ b/pkg/cmd/auth/login/login_test.go @@ -118,6 +118,28 @@ func Test_NewCmdLogin(t *testing.T) { cli: "--web --with-token", wantsErr: true, }, + { + name: "tty one scope", + stdinTTY: true, + cli: "--scopes repo:invite", + wants: LoginOptions{ + Hostname: "", + Scopes: []string{"repo:invite"}, + Token: "", + Interactive: true, + }, + }, + { + name: "tty scopes", + stdinTTY: true, + cli: "--scopes repo:invite,read:public_key", + wants: LoginOptions{ + Hostname: "", + Scopes: []string{"repo:invite", "read:public_key"}, + Token: "", + Interactive: true, + }, + }, } for _, tt := range tests { @@ -160,6 +182,7 @@ func Test_NewCmdLogin(t *testing.T) { assert.Equal(t, tt.wants.Hostname, gotOpts.Hostname) assert.Equal(t, tt.wants.Web, gotOpts.Web) assert.Equal(t, tt.wants.Interactive, gotOpts.Interactive) + assert.Equal(t, tt.wants.Scopes, gotOpts.Scopes) }) } }