Skip to content

Commit

Permalink
Load DeviceFlow Publicly
Browse files Browse the repository at this point in the history
  • Loading branch information
@MariusStorhaug
MariusStorhaug committed Sep 20, 2023
1 parent 09aca94 commit 53cc5bc
Show file tree
Hide file tree
Showing 8 changed files with 34 additions and 31 deletions.
32 changes: 20 additions & 12 deletions src/GitHub/public/Auth/Connect-GitHubAccount.ps1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@
# For more info about the types of authentication visit:
# https://docs.github.com/en/apps/oauth-apps/building-oauth-apps/differences-between-github-apps-and-oauth-apps
[Parameter()]
[ValidateSet('OAuthApp', 'GitHubApp')]
[ValidateSet('OAuthApp', 'GitHubApp', 'PAT')]
[string] $Mode = 'GitHubApp',

# The scope of the access token, when using OAuth authentication.
Expand All @@ -51,11 +51,16 @@
[string] $Scope = 'gist read:org repo workflow'
)

$Vault = Get-SecretVault | Where-Object -Property ModuleName -EQ 'Microsoft.PowerShell.SecretStore'
$vault = Get-SecretVault | Where-Object -Property ModuleName -EQ 'Microsoft.PowerShell.SecretStore'

if ($null -eq $vault) {
Initialize-SecretVault
$vault = Get-SecretVault | Where-Object -Property ModuleName -EQ 'Microsoft.PowerShell.SecretStore'
}

if ($PSBoundParameters.ContainsKey('Token')) {
Set-GithubConfig -Token $Token
# $tokenType = 'token'
$script:AccessToken = $Token
$script:AuthMode = 'PAT'
} else {
$tokenResponse = Invoke-GitHubDeviceCodeLogin -Mode $Mode -Scope $Scope
$accessToken = $tokenResponse.access_token # ghu_#### OR gho_####
Expand All @@ -64,17 +69,20 @@
$refreshToken = $tokenResponse.refresh_token # ghr_########
$refreshTokenExpiresIn = $tokenResponse.refresh_token_expires_in # 15724800 = 6 months
$refreshTokenExpirationDate = (Get-Date).AddSeconds($refreshTokenExpiresIn) # 2022-03-28T21:00:00.0000000-04:00
$tokenType = $tokenResponse.token_type # bearer
$tokenScope = $tokenResponse.scope
Set-GithubConfig -Token $accessToken
Set-Secret -Name 'GitHubPS.access_token.expirationDate' -Secret $accessTokenExpirationDate.toString() -Vault $Vault.Name
Set-Secret -Name 'GitHubPS.refresh_token' -Secret $refreshToken -Vault $Vault.Name
Set-Secret -Name 'GitHubPS.refresh_token.expirationDate' -Secret $refreshTokenExpirationDate.toString() -Vault $Vault.Name
Set-Secret -Name 'GitHubPS.token_type' -Secret $tokenType -Vault $Vault.Name
Set-Secret -Name 'GitHubPS.scope' -Secret $tokenScope -Vault $Vault.Name

$script:AccessToken = $accessToken
$script:AuthMode = $Mode
Set-Secret -Name 'GitHubPS.AccessToken' -Secret $accessToken -Vault $vault.Name
Set-Secret -Name 'GitHubPS.AccessToken.ExpirationDate' -Secret $accessTokenExpirationDate.toString() -Vault $vault.Name
Set-Secret -Name 'GitHubPS.RefreshToken' -Secret $refreshToken -Vault $vault.Name
Set-Secret -Name 'GitHubPS.RefreshToken.ExpirationDate' -Secret $refreshTokenExpirationDate.toString() -Vault $vault.Name
Set-Secret -Name 'GitHubPS.Scope' -Secret $tokenScope -Vault $vault.Name
}

$user = Get-GitHubUser
Set-Secret -Name 'GitHubPS.AuthMode' -Secret $script:AuthMode -Vault $vault.Name

$user = Get-GitHubUser
Write-Host '' -ForegroundColor Green -NoNewline
Write-Host "Logged in as $($user.name) (@$($user.login))!"
}
2 changes: 1 addition & 1 deletion src/GitHub/public/Core/Invoke-GitHubAPI.ps1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@
[string] $Accept,

[Parameter()]
[string] $Token = $script:Token,
[string] $Token = $script:AccessToken,

[Parameter()]
[string] $ContentType = $script:ContentType,
Expand Down
1 change: 0 additions & 1 deletion src/GitHub/public/Core/Set-GitHubConfig.ps1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,6 @@
)

$Vault = Get-SecretVault | Where-Object -Property ModuleName -EQ 'Microsoft.PowerShell.SecretStore'
$secrets = Get-SecretInfo -Vault $Vault.Name

if ($PSBoundParameters.ContainsKey('Owner')) {
$script:Owner = $Owner
Expand Down
0 ...viceFlow/Invoke-GitHubDeviceCodeLogin.ps1 → ...viceFlow/Invoke-GitHubDeviceCodeLogin.ps1
View file
File renamed without changes.
0 ...h/DeviceFlow/Request-GitHubDeviceCode.ps1 → ...c/DeviceFlow/Request-GitHubDeviceCode.ps1
View file
File renamed without changes.
6 changes: 1 addition & 5 deletions ...h/Auth/DeviceFlow/Request-GitHubToken.ps1 → ...public/DeviceFlow/Request-GitHubToken.ps1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,11 +58,7 @@
$RESTParams = @{
Uri = 'https://github.com/login/oauth/access_token'
Method = 'POST'
Body = @{
'client_id' = $ClientID
'device_code' = $DeviceCode
'grant_type' = 'urn:ietf:params:oauth:grant-type:device_code'
}
Body = $body
Headers = @{ 'Accept' = 'application/json' }
}

Expand Down
0 ...Auth/Auth/DeviceFlow/Wait-GitHubToken.ps1 → ...ub/public/DeviceFlow/Wait-GitHubToken.ps1
View file
File renamed without changes.
24 changes: 12 additions & 12 deletions src/GitHub/public/loader.ps1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,27 +4,27 @@ Initialize-SecretVault
$secrets = Get-SecretInfo -Vault 'SecretStore'

if ([string]::IsNullOrEmpty($script:Token)) {
$script:Token = $env:GH_TOKEN
$script:AccessToken = $env:GH_TOKEN
}
if ([string]::IsNullOrEmpty($script:Token)) {
$script:Token = $env:GITHUB_TOKEN
$script:AccessToken = $env:GITHUB_TOKEN
}
if (([string]::IsNullOrEmpty($Script:Token)) -and ('GitHub.Token' -in $secrets.name)) {
$script:Token = Get-Secret -Name 'GitHub.Token' -AsPlainText
if ($secrets.name -contains 'GitHubPS.AccessToken') {
$script:AccessToken = Get-Secret -Name 'GitHubPS.AccessToken' -AsPlainText
}

if (([string]::IsNullOrEmpty($script:Owner)) -and ('GitHub.Owner' -in $secrets.name)) {
$script:Owner = Get-Secret -Name 'GitHub.Owner' -AsPlainText
if ($secrets.name -contains 'GitHubPS.Owner') {
$script:Owner = Get-Secret -Name 'GitHubPS.Owner' -AsPlainText
}

if (([string]::IsNullOrEmpty($script:Repo)) -and ('GitHub.Repo' -in $secrets.name)) {
$script:Repo = Get-Secret -Name 'GitHub.Repo' -AsPlainText
if ($secrets.name -contains 'GitHubPS.Repo') {
$script:Repo = Get-Secret -Name 'GitHubPS.Repo' -AsPlainText
}

if (([string]::IsNullOrEmpty($script:APIBaseURI)) -and ('GitHub.APIBaseURI' -in $secrets.name)) {
$script:APIBaseURI = Get-Secret -Name 'GitHub.APIBaseURI' -AsPlainText
if ($secrets.name -contains 'GitHubPS.APIBaseURI') {
$script:APIBaseURI = Get-Secret -Name 'GitHubPS.APIBaseURI' -AsPlainText
}

if (([string]::IsNullOrEmpty($script:Version)) -and ('GitHub.Version' -in $secrets.name)) {
$script:Version = Get-Secret -Name 'GitHub.Version' -AsPlainText
if ($secrets.name -contains 'GitHubPS.Version') {
$script:Version = Get-Secret -Name 'GitHubPS.Version' -AsPlainText
}

0 comments on commit 53cc5bc

Please sign in to comment.