Unable to validate ghauth

[zeke]

Hi @RichardLitt 👋🏼

I've used this great module in the past to programmatically manage what repos I'm watching. I just installed this module anew and got an error when trying to use it:

$ watch-gh-repos --org --watch zeke
Your GitHub username: zeke
Your GitHub password: ✔✔✔✔✔✔✔✔✔✔✔✔✔✔✔✔✔✔✔✔✔✔

(node:11873) TimeoutOverflowWarning: 4294967296000 does not fit into a 32-bit signed integer.
Timer duration was truncated to 2147483647.
(Use `node --trace-warnings ...` to show where the warning was created)
(node:11873) TimeoutOverflowWarning: 4294967296000 does not fit into a 32-bit signed integer.
Timer duration was truncated to 2147483647.
Unable to validate ghauth

$ node --version
v14.13.0

I think this is because the ghauth module recently had to be changed significantly to account for a newly deprecated GitHub auth API: https://github.com/rvagg/ghauth#ghauth

I know @bcomnes and @rvagg worked to update ghauth to still work (thanks! ✨ ), and I think consumers of ghauth like this module might have to make some changes to use the new version, but I haven't looked into the details yet.

[bcomnes]

Only change you need to make is to set up a client id for watch-gh-repos if you want to support the oauth device flow (you should do this). Any existing PAT that ghauth generated before should still work. You can also opt to just have users manually generate and enter a PAT instead of an oauth token generated from device flow. LMK if you run into any issues relating to ghauth.

[RichardLitt]

Thanks, @zeke and @bcomnes! @bcomnes: am I right in thinking that I need to add documentation for each user use to set up a client ID? Do you have a link to that documentation so that I can add it here?

@zeke If you're more familiar with this, a PR would be great. I don't have the bandwidth to get to this this week.

[bcomnes]

No, only the owner of the CLI needs to set up a client ID, and it gets baked into the CLI code (its like an app ID basically). This can live on your user account or an org account. You set it up in developer settings, and should be documented adequately in ghauth. Let me know those instructions don't make sense and we can improve.

[RichardLitt]

Ah, got it. In that case, I'll look at this in a bit. Thanks, Bret, for your work.

[RichardLitt]

I tried to update by adding the clientId, and it seems to break Octokat now, and I'm not sure why. I wonder if the token is messed up? I'm not sure that it updated, and I don't see a token stored in ~/.config/ on my machine.

Here is my latest commit: https://github.com/RichardLitt/watch-gh-repos/commit/74e82ecb51cedc9328fe9bdf8b0b44c05fc0b616.

I also couldn't figure out how to turn on items 4 and 5 from this list. They weren't present in my UI. Thoughts?

[bcomnes]

I tried to update by adding the clientId, and it seems to break Octokit now, and I'm not sure why.

How did it break? Did the device flow appear to work? Are you requesting the correct scopes?

I'm not sure that it updated, and I don't see a token stored in ~/.config/ on my machine.

It uses https://github.com/LinusU/node-application-config which is OS dependent. What OS are running on?

I also couldn't figure out how to turn on items 4 and 5 from this list. They weren't present in my UI. Thoughts?

Looks like GitHub changed the setup of device flow because its out of beta maybe. I will update the docs.

[bcomnes]

Here is my latest commit: 74e82ec.

Going to try and find some time to take it for spin

[bcomnes]

I can't reproduce, seems to work for me.

[RichardLitt]

Great news!

I'm on OSX. Any way I can see where ghauth stored its config files so I can flush them?

[bcomnes]

I'm on OSX. Any way I can see where ghauth stored its config files so I can flush them?

Should be in ~/Library/Application Support/watch-gh-repos/config.json. I think the location changed in ghauth 4 and you could be right that it used to live in ~/.config/something on 3 or lower.

[bcomnes]

Any luck? Always a possibility of bugs on ghauth's end due to some kind of edge case.

[RichardLitt]

Got it working by removing the file you suggested. Excellent! Thank you. Sorry about the extra confusion there.

One thing I am unclear on: do I commit my clientId?

[bcomnes]

clientID is like a public identifier of the app, so it should get shipped in the code of the CLI. So yeah, commit that.

[RichardLitt]

I believe this can be closed now. \o/

[zeke]

It works! Thank you very much @RichardLitt and @bcomnes 🙌🏼

$ npm i -g watch-gh-repos@latest
...
$ watch-gh-repos --org --watch zeke
  Authorize with Github by opening this URL in a browser:

    https://github.com/login/device

  and enter the following User Code:
  (or press ⏎ to enter a personal access token)

✔ Device flow complete.  Manage at https://github.com/settings/connections/applications/bfec45dffc45ea593ead
✔ Authorized for zeke
Wrote access token to "/Users/z/Library/Application Support/watch-gh-repos/config.json"
Watched: zeke/.com
Watched: zeke/12factor
Watched: zeke/18f.gsa.gov
Watched: zeke/404_color_bars
Watched: zeke/accessibility-developer-tools
...

[RichardLitt]

Yes, thank you @bcomnes. :)

Zeke - since you use this, want to be a comaintainer? Load is minimal.

[zeke]

Sure. 👍🏼