diff --git a/src/GitHub/public/Auth/Connect-GitHubAccount.ps1 b/src/GitHub/public/Auth/Connect-GitHubAccount.ps1 index 7e1e56a2a..1cbdfa7a2 100644 --- a/src/GitHub/public/Auth/Connect-GitHubAccount.ps1 +++ b/src/GitHub/public/Auth/Connect-GitHubAccount.ps1 @@ -40,7 +40,7 @@ # For more info about the types of authentication visit: # https://docs.github.com/en/apps/oauth-apps/building-oauth-apps/differences-between-github-apps-and-oauth-apps [Parameter()] - [ValidateSet('OAuthApp', 'GitHubApp')] + [ValidateSet('OAuthApp', 'GitHubApp', 'PAT')] [string] $Mode = 'GitHubApp', # The scope of the access token, when using OAuth authentication. @@ -51,11 +51,16 @@ [string] $Scope = 'gist read:org repo workflow' ) - $Vault = Get-SecretVault | Where-Object -Property ModuleName -EQ 'Microsoft.PowerShell.SecretStore' + $vault = Get-SecretVault | Where-Object -Property ModuleName -EQ 'Microsoft.PowerShell.SecretStore' + + if ($null -eq $vault) { + Initialize-SecretVault + $vault = Get-SecretVault | Where-Object -Property ModuleName -EQ 'Microsoft.PowerShell.SecretStore' + } if ($PSBoundParameters.ContainsKey('Token')) { - Set-GithubConfig -Token $Token - # $tokenType = 'token' + $script:AccessToken = $Token + $script:AuthMode = 'PAT' } else { $tokenResponse = Invoke-GitHubDeviceCodeLogin -Mode $Mode -Scope $Scope $accessToken = $tokenResponse.access_token # ghu_#### OR gho_#### @@ -64,17 +69,20 @@ $refreshToken = $tokenResponse.refresh_token # ghr_######## $refreshTokenExpiresIn = $tokenResponse.refresh_token_expires_in # 15724800 = 6 months $refreshTokenExpirationDate = (Get-Date).AddSeconds($refreshTokenExpiresIn) # 2022-03-28T21:00:00.0000000-04:00 - $tokenType = $tokenResponse.token_type # bearer $tokenScope = $tokenResponse.scope - Set-GithubConfig -Token $accessToken - Set-Secret -Name 'GitHubPS.access_token.expirationDate' -Secret $accessTokenExpirationDate.toString() -Vault $Vault.Name - Set-Secret -Name 'GitHubPS.refresh_token' -Secret $refreshToken -Vault $Vault.Name - Set-Secret -Name 'GitHubPS.refresh_token.expirationDate' -Secret $refreshTokenExpirationDate.toString() -Vault $Vault.Name - Set-Secret -Name 'GitHubPS.token_type' -Secret $tokenType -Vault $Vault.Name - Set-Secret -Name 'GitHubPS.scope' -Secret $tokenScope -Vault $Vault.Name + + $script:AccessToken = $accessToken + $script:AuthMode = $Mode + Set-Secret -Name 'GitHubPS.AccessToken' -Secret $accessToken -Vault $vault.Name + Set-Secret -Name 'GitHubPS.AccessToken.ExpirationDate' -Secret $accessTokenExpirationDate.toString() -Vault $vault.Name + Set-Secret -Name 'GitHubPS.RefreshToken' -Secret $refreshToken -Vault $vault.Name + Set-Secret -Name 'GitHubPS.RefreshToken.ExpirationDate' -Secret $refreshTokenExpirationDate.toString() -Vault $vault.Name + Set-Secret -Name 'GitHubPS.Scope' -Secret $tokenScope -Vault $vault.Name } - $user = Get-GitHubUser + Set-Secret -Name 'GitHubPS.AuthMode' -Secret $script:AuthMode -Vault $vault.Name + $user = Get-GitHubUser + Write-Host '✓ ' -ForegroundColor Green -NoNewline Write-Host "Logged in as $($user.name) (@$($user.login))!" } diff --git a/src/GitHub/public/Core/Invoke-GitHubAPI.ps1 b/src/GitHub/public/Core/Invoke-GitHubAPI.ps1 index 81ec1df54..05fa08373 100644 --- a/src/GitHub/public/Core/Invoke-GitHubAPI.ps1 +++ b/src/GitHub/public/Core/Invoke-GitHubAPI.ps1 @@ -18,7 +18,7 @@ [string] $Accept, [Parameter()] - [string] $Token = $script:Token, + [string] $Token = $script:AccessToken, [Parameter()] [string] $ContentType = $script:ContentType, diff --git a/src/GitHub/public/Core/Set-GitHubConfig.ps1 b/src/GitHub/public/Core/Set-GitHubConfig.ps1 index 0e1a166f7..5ce0e1134 100644 --- a/src/GitHub/public/Core/Set-GitHubConfig.ps1 +++ b/src/GitHub/public/Core/Set-GitHubConfig.ps1 @@ -15,7 +15,6 @@ ) $Vault = Get-SecretVault | Where-Object -Property ModuleName -EQ 'Microsoft.PowerShell.SecretStore' - $secrets = Get-SecretInfo -Vault $Vault.Name if ($PSBoundParameters.ContainsKey('Owner')) { $script:Owner = $Owner diff --git a/src/GitHub/public/Auth/Auth/DeviceFlow/Invoke-GitHubDeviceCodeLogin.ps1 b/src/GitHub/public/DeviceFlow/Invoke-GitHubDeviceCodeLogin.ps1 similarity index 100% rename from src/GitHub/public/Auth/Auth/DeviceFlow/Invoke-GitHubDeviceCodeLogin.ps1 rename to src/GitHub/public/DeviceFlow/Invoke-GitHubDeviceCodeLogin.ps1 diff --git a/src/GitHub/public/Auth/Auth/DeviceFlow/Request-GitHubDeviceCode.ps1 b/src/GitHub/public/DeviceFlow/Request-GitHubDeviceCode.ps1 similarity index 100% rename from src/GitHub/public/Auth/Auth/DeviceFlow/Request-GitHubDeviceCode.ps1 rename to src/GitHub/public/DeviceFlow/Request-GitHubDeviceCode.ps1 diff --git a/src/GitHub/public/Auth/Auth/DeviceFlow/Request-GitHubToken.ps1 b/src/GitHub/public/DeviceFlow/Request-GitHubToken.ps1 similarity index 91% rename from src/GitHub/public/Auth/Auth/DeviceFlow/Request-GitHubToken.ps1 rename to src/GitHub/public/DeviceFlow/Request-GitHubToken.ps1 index 72eb87198..f9b01f9b9 100644 --- a/src/GitHub/public/Auth/Auth/DeviceFlow/Request-GitHubToken.ps1 +++ b/src/GitHub/public/DeviceFlow/Request-GitHubToken.ps1 @@ -58,11 +58,7 @@ $RESTParams = @{ Uri = 'https://github.com/login/oauth/access_token' Method = 'POST' - Body = @{ - 'client_id' = $ClientID - 'device_code' = $DeviceCode - 'grant_type' = 'urn:ietf:params:oauth:grant-type:device_code' - } + Body = $body Headers = @{ 'Accept' = 'application/json' } } diff --git a/src/GitHub/public/Auth/Auth/DeviceFlow/Wait-GitHubToken.ps1 b/src/GitHub/public/DeviceFlow/Wait-GitHubToken.ps1 similarity index 100% rename from src/GitHub/public/Auth/Auth/DeviceFlow/Wait-GitHubToken.ps1 rename to src/GitHub/public/DeviceFlow/Wait-GitHubToken.ps1 diff --git a/src/GitHub/public/loader.ps1 b/src/GitHub/public/loader.ps1 index 20f0ed540..ed16a6c84 100644 --- a/src/GitHub/public/loader.ps1 +++ b/src/GitHub/public/loader.ps1 @@ -4,27 +4,27 @@ Initialize-SecretVault $secrets = Get-SecretInfo -Vault 'SecretStore' if ([string]::IsNullOrEmpty($script:Token)) { - $script:Token = $env:GH_TOKEN + $script:AccessToken = $env:GH_TOKEN } if ([string]::IsNullOrEmpty($script:Token)) { - $script:Token = $env:GITHUB_TOKEN + $script:AccessToken = $env:GITHUB_TOKEN } -if (([string]::IsNullOrEmpty($Script:Token)) -and ('GitHub.Token' -in $secrets.name)) { - $script:Token = Get-Secret -Name 'GitHub.Token' -AsPlainText +if ($secrets.name -contains 'GitHubPS.AccessToken') { + $script:AccessToken = Get-Secret -Name 'GitHubPS.AccessToken' -AsPlainText } -if (([string]::IsNullOrEmpty($script:Owner)) -and ('GitHub.Owner' -in $secrets.name)) { - $script:Owner = Get-Secret -Name 'GitHub.Owner' -AsPlainText +if ($secrets.name -contains 'GitHubPS.Owner') { + $script:Owner = Get-Secret -Name 'GitHubPS.Owner' -AsPlainText } -if (([string]::IsNullOrEmpty($script:Repo)) -and ('GitHub.Repo' -in $secrets.name)) { - $script:Repo = Get-Secret -Name 'GitHub.Repo' -AsPlainText +if ($secrets.name -contains 'GitHubPS.Repo') { + $script:Repo = Get-Secret -Name 'GitHubPS.Repo' -AsPlainText } -if (([string]::IsNullOrEmpty($script:APIBaseURI)) -and ('GitHub.APIBaseURI' -in $secrets.name)) { - $script:APIBaseURI = Get-Secret -Name 'GitHub.APIBaseURI' -AsPlainText +if ($secrets.name -contains 'GitHubPS.APIBaseURI') { + $script:APIBaseURI = Get-Secret -Name 'GitHubPS.APIBaseURI' -AsPlainText } -if (([string]::IsNullOrEmpty($script:Version)) -and ('GitHub.Version' -in $secrets.name)) { - $script:Version = Get-Secret -Name 'GitHub.Version' -AsPlainText +if ($secrets.name -contains 'GitHubPS.Version') { + $script:Version = Get-Secret -Name 'GitHubPS.Version' -AsPlainText }