forked from Azure/azure-cli-extensions
-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* Added models. Finished transferring Calvin's previous work. * Updated wrong models. * Updated models in custom.py, added githubactionclient. * Updated envelope to be correct. * Small bug fixes. * Updated error handling. Fixed bugs. Initial working state. * Added better error handling. * Added error messages for tokens with inappropriate access rights. * Added back get_acr_cred. * Fixed problems from merge conflict. * Updated names of imports from ._models.py to fix pylance erros. * Removed random imports. Co-authored-by: Haroon Feisal <haroonfeisal@microsoft.com>
- Loading branch information
Showing
8 changed files
with
473 additions
and
6 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,86 @@ | ||
# -------------------------------------------------------------------------------------------- | ||
# Copyright (c) Microsoft Corporation. All rights reserved. | ||
# Licensed under the MIT License. See License.txt in the project root for license information. | ||
# -------------------------------------------------------------------------------------------- | ||
|
||
from azure.cli.core.azclierror import (ValidationError, CLIInternalError, UnclassifiedUserFault) | ||
from knack.log import get_logger | ||
|
||
logger = get_logger(__name__) | ||
|
||
|
||
''' | ||
Get Github personal access token following Github oauth for command line tools | ||
https://docs.github.com/en/developers/apps/authorizing-oauth-apps#device-flow | ||
''' | ||
|
||
|
||
GITHUB_OAUTH_CLIENT_ID = "8d8e1f6000648c575489" | ||
GITHUB_OAUTH_SCOPES = [ | ||
"admin:repo_hook", | ||
"repo", | ||
"workflow" | ||
] | ||
|
||
def get_github_access_token(cmd, scope_list=None): # pylint: disable=unused-argument | ||
if scope_list: | ||
for scope in scope_list: | ||
if scope not in GITHUB_OAUTH_SCOPES: | ||
raise ValidationError("Requested github oauth scope is invalid") | ||
scope_list = ' '.join(scope_list) | ||
|
||
authorize_url = 'https://github.com/login/device/code' | ||
authorize_url_data = { | ||
'scope': scope_list, | ||
'client_id': GITHUB_OAUTH_CLIENT_ID | ||
} | ||
|
||
import requests | ||
import time | ||
from urllib.parse import parse_qs | ||
|
||
try: | ||
response = requests.post(authorize_url, data=authorize_url_data) | ||
parsed_response = parse_qs(response.content.decode('ascii')) | ||
|
||
device_code = parsed_response['device_code'][0] | ||
user_code = parsed_response['user_code'][0] | ||
verification_uri = parsed_response['verification_uri'][0] | ||
interval = int(parsed_response['interval'][0]) | ||
expires_in_seconds = int(parsed_response['expires_in'][0]) | ||
logger.warning('Please navigate to %s and enter the user code %s to activate and ' | ||
'retrieve your github personal access token', verification_uri, user_code) | ||
|
||
timeout = time.time() + expires_in_seconds | ||
logger.warning("Waiting up to '%s' minutes for activation", str(expires_in_seconds // 60)) | ||
|
||
confirmation_url = 'https://github.com/login/oauth/access_token' | ||
confirmation_url_data = { | ||
'client_id': GITHUB_OAUTH_CLIENT_ID, | ||
'device_code': device_code, | ||
'grant_type': 'urn:ietf:params:oauth:grant-type:device_code' | ||
} | ||
|
||
pending = True | ||
while pending: | ||
time.sleep(interval) | ||
|
||
if time.time() > timeout: | ||
raise UnclassifiedUserFault('Activation did not happen in time. Please try again') | ||
|
||
confirmation_response = requests.post(confirmation_url, data=confirmation_url_data) | ||
parsed_confirmation_response = parse_qs(confirmation_response.content.decode('ascii')) | ||
|
||
if 'error' in parsed_confirmation_response and parsed_confirmation_response['error'][0]: | ||
if parsed_confirmation_response['error'][0] == 'slow_down': | ||
interval += 5 # if slow_down error is received, 5 seconds is added to minimum polling interval | ||
elif parsed_confirmation_response['error'][0] != 'authorization_pending': | ||
pending = False | ||
|
||
if 'access_token' in parsed_confirmation_response and parsed_confirmation_response['access_token'][0]: | ||
return parsed_confirmation_response['access_token'][0] | ||
except Exception as e: | ||
raise CLIInternalError( | ||
'Error: {}. Please try again, or retrieve personal access token from the Github website'.format(e)) | ||
|
||
raise UnclassifiedUserFault('Activation did not happen in time. Please try again') |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.