Unable to validate ghauth

Question

Unable to validate ghauth

Closed this issue 4 years ago · 17 comments

I've used this great module in the past to programmatically manage what repos I'm watching. I just installed this module anew and got an error when trying to use it:

$ watch-gh-repos --org --watch zeke
Your GitHub username: zeke
Your GitHub password: ✔✔✔✔✔✔✔✔✔✔✔✔✔✔✔✔✔✔✔✔✔✔

(node:11873) TimeoutOverflowWarning: 4294967296000 does not fit into a 32-bit signed integer.
Timer duration was truncated to 2147483647.
(Use `node --trace-warnings ...` to show where the warning was created)
(node:11873) TimeoutOverflowWarning: 4294967296000 does not fit into a 32-bit signed integer.
Timer duration was truncated to 2147483647.
Unable to validate ghauth

$ node --version
v14.13.0

I think this is because the ghauth module recently had to be changed significantly to account for a newly deprecated GitHub auth API: https://github.com/rvagg/ghauth#ghauth

I know @bcomnes and @rvagg worked to update ghauth to still work (thanks! ✨ ), and I think consumers of ghauth like this module might have to make some changes to use the new version, but I haven't looked into the details yet.

Answer 1 · 2021-01-11T21:22:21.000Z

Only change you need to make is to set up a client id for watch-gh-repos if you want to support the oauth device flow (you should do this). Any existing PAT that ghauth generated before should still work. You can also opt to just have users manually generate and enter a PAT instead of an oauth token generated from device flow. LMK if you run into any issues relating to ghauth.

Answer 2 · 2021-01-11T21:24:37.000Z

Thanks, @zeke and @bcomnes! @bcomnes: am I right in thinking that I need to add documentation for each user use to set up a client ID? Do you have a link to that documentation so that I can add it here?

@zeke If you're more familiar with this, a PR would be great. I don't have the bandwidth to get to this this week.

Answer 3 · 2021-01-11T21:26:56.000Z

No, only the owner of the CLI needs to set up a client ID, and it gets baked into the CLI code (its like an app ID basically). This can live on your user account or an org account. You set it up in developer settings, and should be documented adequately in ghauth. Let me know those instructions don't make sense and we can improve.

Answer 4 · 2021-01-11T21:30:32.000Z

Ah, got it. In that case, I'll look at this in a bit. Thanks, Bret, for your work.

Answer 5 · 2021-01-12T02:45:44.000Z

I tried to update by adding the clientId, and it seems to break Octokat now, and I'm not sure why. I wonder if the token is messed up? I'm not sure that it updated, and I don't see a token stored in ~/.config/ on my machine.

Here is my latest commit: 74e82ec.

I also couldn't figure out how to turn on items 4 and 5 from this list. They weren't present in my UI. Thoughts?

Answer 6 · 2021-01-12T17:30:46.000Z

I tried to update by adding the clientId, and it seems to break Octokit now, and I'm not sure why.

How did it break? Did the device flow appear to work? Are you requesting the correct scopes?

I'm not sure that it updated, and I don't see a token stored in ~/.config/ on my machine.

It uses https://github.com/LinusU/node-application-config which is OS dependent. What OS are running on?

I also couldn't figure out how to turn on items 4 and 5 from this list. They weren't present in my UI. Thoughts?

Looks like GitHub changed the setup of device flow because its out of beta maybe. I will update the docs.

Answer 7 · 2021-01-12T17:37:32.000Z

Here is my latest commit: 74e82ec.

Going to try and find some time to take it for spin

Answer 8 · 2021-01-12T17:42:37.000Z

I can't reproduce, seems to work for me.

Answer 9 · 2021-01-12T17:48:08.000Z

Great news!

I'm on OSX. Any way I can see where ghauth stored its config files so I can flush them?

Answer 10 · 2021-01-12T18:16:01.000Z

I'm on OSX. Any way I can see where ghauth stored its config files so I can flush them?

Should be in ~/Library/Application Support/watch-gh-repos/config.json. I think the location changed in ghauth 4 and you could be right that it used to live in ~/.config/something on 3 or lower.

Answer 11 · 2021-01-14T17:26:13.000Z

Any luck? Always a possibility of bugs on ghauth's end due to some kind of edge case.

Answer 12 · 2021-02-10T10:13:20.000Z

Got it working by removing the file you suggested. Excellent! Thank you. Sorry about the extra confusion there.

One thing I am unclear on: do I commit my clientId?

Answer 13 · 2021-02-10T16:46:55.000Z

clientID is like a public identifier of the app, so it should get shipped in the code of the CLI. So yeah, commit that.

Answer 14 · 2021-02-10T16:53:16.000Z

I believe this can be closed now. \o/

Answer 15 · 2021-02-11T14:28:33.000Z

It works! Thank you very much @RichardLitt and @bcomnes 🙌🏼

$ npm i -g watch-gh-repos@latest
...
$ watch-gh-repos --org --watch zeke
  Authorize with Github by opening this URL in a browser:

    https://github.com/login/device

  and enter the following User Code:
  (or press ⏎ to enter a personal access token)

✔ Device flow complete.  Manage at https://github.com/settings/connections/applications/bfec45dffc45ea593ead
✔ Authorized for zeke
Wrote access token to "/Users/z/Library/Application Support/watch-gh-repos/config.json"
Watched: zeke/.com
Watched: zeke/12factor
Watched: zeke/18f.gsa.gov
Watched: zeke/404_color_bars
Watched: zeke/accessibility-developer-tools
...

Answer 16 · 2021-02-11T14:37:43.000Z

Yes, thank you @bcomnes. :)

Zeke - since you use this, want to be a comaintainer? Load is minimal.

Answer 17 · 2021-02-11T14:43:42.000Z

Sure. 👍🏼