Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

feat: add support for private GitHub repository cloning with OAuth authentication#193

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Draft
JulsdL wants to merge5 commits intocoderamp-labs:main
base:main
Choose a base branch
Loading
fromJulsdL:private_repo_handling

Conversation

JulsdL
Copy link

GitHub OAuth Integration for Private Repositories

This update introduces comprehensive support for handling private GitHub repositories by integrating GitHub OAuth authentication. The key updates include:

🔑 Authentication & Repository Access

1. Secure Repository Cloning

  • Enhancedclone_repo function: Now accepts an optional OAuth token.
  • OAuth token integration: Injects the token into the GitHub repository URL for authentication.
  • Improved error handling:
    • _check_repo_exists now verifies the repository using authentication headers.
    • Ensures private repositories are only accessible with a valid token.

2. OAuth Authentication Routes

  • Introduced a new module:src/server/oauth.py.
  • Implements GitHub authentication flow usingAuthlib:
    • Login via GitHub.
    • Callback handling for OAuth.
    • Logout to clear sessions.

3. Session Middleware for Token Management

  • Session-based authentication integrated insrc/server/main.py.
  • Stores OAuth tokens securely in cookie-based sessions.
  • Allows other endpoints (e.g.,query_processor) to access and pass tokens toclone_repo.

🖥️ UI & User Experience

4. Authentication UI Updates

  • Modifiednavbar.jinja:
    • Displays"Login with GitHub" when no token is present.
    • Shows"Logout" when authenticated.

📖 Documentation & Configuration

5. UpdatedREADME.md

  • Guides on using private repo access.
  • Instructions for setting up OAuth credentials for:
    • Production environments.
    • Local testing.

🛠️ Miscellaneous Enhancements

6. Additional Improvements

  • .gitignore updates: Ignores new directories.
  • requirements.txt updates: Adds dependencies for:
    • Authlib
    • itsdangerous

These changesenhance security, usability, and documentation, enabling seamless private repository integration via GitHub OAuth. 🚀
login_with_github_button

logout_button
private_repo_error

jpotw and abdellatif-laghjaj reacted with thumbs up emojiJustJerem reacted with eyes emoji
- Implement token-based authentication for cloning private GitHub repositories.- Modify _check_repo_exists to use GitHub API for repo existence check with authentication.- Update clone_repo to handle token-based URLs for private repos.- Add .qodo/ to .gitignore.
- Introduce OAuth authentication with GitHub to handle private repositories.- Modify clone_repo to accept a token for authenticated cloning.- Implement OAuth routes for login and logout in src/server/oauth.py.- Update navbar to display login/logout options based on authentication status.- Add session middleware to manage user sessions.- Update query_processor to pass user token for private repo access.- Add Authlib and itsdangerous to requirements.txt for OAuth functionality.
@JulsdL
Copy link
Author

I'm still working on adding new tests and updating the existing ones

filipchristiansen and JustJerem reacted with thumbs up emoji

@JulsdLJulsdL changed the titleAdd support for private GitHub repository cloning with OAuth authenticationfeat: add support for private GitHub repository cloning with OAuth authenticationFeb 19, 2025
…clone options- Update clone_repo tests to verify that the private repository token is correctly passed to _check_repo_exists.- Refactor test_clone_repo_with_commit and test_clone_repo_without_commit to inspect git command arguments (e.g. ensuring --recurse-submodules, shallow clone flags, and checkout behavior).- Update error message expectations for nonexistent repositories.- Streamline assertions in tests for invalid URLs and local paths.- Refactor tests for custom branches and commit checkouts to verify proper argument order and flag usage.- Add new tests to validate proper behavior for private repositories: one for a valid token scenario and one for missing token handling.
…/failure, logout) and update template directory path to src/server/templates.
@moebiussurfing
Copy link

cool !

@TheRealTimo
Copy link

TheRealTimo commentedApr 6, 2025
edited
Loading

Hi,

Thanks for your work on implementing private repository access via GitHub OAuth. I’ve been exploring a slightly different approach that uses directly provided Personal Access Tokens (PATs) via a new--access-token CLI flag and a corresponding Web UI field [#257]. My implementation aims to support multiple Git hosts while keeping things simple for direct CLI use.

I noticed that both approaches modify some of the same core files, so they wouldn’t be compatible right away. That being said, I'm perfectly fine with closing my PR if the OAuth approach is preferred, but I wanted to throw this idea out there for discussion or potential collaboration.

Thanks again for all your efforts!

abdellatif-laghjaj reacted with hooray emoji

Sign up for freeto join this conversation on GitHub. Already have an account?Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

3 participants
@JulsdL@moebiussurfing@TheRealTimo
[8]ページ先頭
©2009-2025 Movatter.jp