Thanks to visit codestin.com
Credit goes to github.com

Skip to content

disable requireOAuthToken for agentview task #12322

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
kyledarrylaguilar-ms wants to merge 1 commit into from
Closed

disable requireOAuthToken for agentview task #12322

kyledarrylaguilar-ms wants to merge 1 commit into from
+3 −1

Conversation

@kyledarrylaguilar-ms
Copy link

@kyledarrylaguilar-ms kyledarrylaguilar-ms commented Dec 16, 2025

No description provided.

Copilot AI review requested due to automatic review settings December 16, 2025 11:28
@kyledarrylaguilar-ms kyledarrylaguilar-ms requested a review from a team as a code owner December 16, 2025 11:28
@cliAutomation cliAutomation added the external pull request originating outside of the CLI core team label Dec 16, 2025
@cliAutomation
Copy link
Collaborator

cliAutomation commented Dec 16, 2025

Hi! Thanks for the pull request. Please ensure that this change is linked to an issue by mentioning an issue number in the description of the pull request. If this pull request would close the issue, please put the word 'Fixes' before the issue number somewhere in the pull request body. If this is a tiny change like fixing a typo, feel free to ignore this message.

@kyledarrylaguilar-ms kyledarrylaguilar-ms deleted the feature/remove_oauth2_in_agent_task branch December 16, 2025 11:29
@kyledarrylaguilar-ms kyledarrylaguilar-ms restored the feature/remove_oauth2_in_agent_task branch December 16, 2025 11:31
@kyledarrylaguilar-ms kyledarrylaguilar-ms deleted the feature/remove_oauth2_in_agent_task branch December 16, 2025 11:33
Copilot AI reviewed Dec 16, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR temporarily disables OAuth token validation for the agent-task command by commenting out the requireOAuthToken call in the PersistentPreRunE hook. The change is explicitly marked as temporary while feature flagging work is in progress for agent tasks.

Key Changes

  • Disabled OAuth token authentication requirement for agent-task commands
  • Added a NOTE comment explaining this is temporary for feature flagging work
  • Changed PersistentPreRunE to return nil instead of validating OAuth tokens

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

pkg/cmd/agent-task/agent_task.go
Comment on lines +52 to +54
// NOTE: Temporarily disabled while we work on agent tasks feature flagging.
// return requireOAuthToken(f)
return nil
Copy link

Copilot AI Dec 16, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The OAuth token validation has been disabled, but all the existing test cases in agent_task_test.go still assume this validation is active. These tests verify various token scenarios (oauth_token, keyring, enterprise, etc.) and expect errors when invalid tokens are provided. With the validation disabled, all these tests will now pass regardless of token validity, making them ineffective at catching regressions. The tests should either be updated to reflect the current behavior or skipped/marked as pending until the OAuth validation is re-enabled.

Copilot uses AI. Check for mistakes.
pkg/cmd/agent-task/agent_task.go
`),
PersistentPreRunE: func(cmd *cobra.Command, args []string) error {
return requireOAuthToken(f)
// NOTE: Temporarily disabled while we work on agent tasks feature flagging.
Copy link

Copilot AI Dec 16, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Disabling OAuth token validation removes an important security control that ensures only properly authenticated users can access agent task commands. The comment indicates this is temporary for feature flagging work, but there's no tracking mechanism (like a TODO with a ticket reference) to ensure this security check is re-enabled. Consider adding a TODO comment with a reference to the tracking issue to prevent this temporary change from becoming permanent.

Suggested change
// NOTE: Temporarily disabled while we work on agent tasks feature flagging.
// NOTE: Temporarily disabled while we work on agent tasks feature flagging.
// TODO(gh/cli#12345): Re-enable OAuth token validation after agent tasks feature flagging is complete.

Copilot uses AI. Check for mistakes.
@bernab679-cmd

This comment was marked as spam.

Sign in to view
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@babakks babakks Awaiting requested review from babakks babakks is a code owner automatically assigned from cli/code-reviewers

Assignees

No one assigned

Labels

external pull request originating outside of the CLI core team

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@kyledarrylaguilar-ms @cliAutomation @bernab679-cmd