fix: normalize hostname for auth login #6999
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
cliAutomation
added
the
external
tuananhlai
changed the title
mislav
suggested changes
Feb 13, 2023
pkg/cmd/auth/login/login.go
Outdated
| @@ -138,6 +138,7 @@ func loginRun(opts *LoginOptions) error { | |||
| return err | |||
| } | |||
| } | |||
| hostname = ghinstance.NormalizeHostname(hostname) | |||
There was a problem hiding this comment.
Hi, thank you for attempting to fix this, but I would rather see that the original cause of the bug was addressed and discovered.
For example, it should be valid to do gh auth login -h GITHUB.COM and have the whole authentication flow complete and the token getting stored under GITHUB.COM. We should be matching hostnames case-insensitively throughout the codebase without having to normalize hostnames at the time of logging in and storing tokens.
I would appreciate if the bug fix was a change that was applied to the part of the codebase where the error that was originally reported comes from. Thank you!
There was a problem hiding this comment.
How should the app handle if the user is already logged in to github.com, then reauthenticate with GitHub.com? Should we save both of them in hosts.yml? 🤔
There was a problem hiding this comment.
Furthermore, the cause of the bug in #6979 is because cfg.AuthToken(hostname) method normalized the hostname internally. If we want to store and validate the user-input hostname, we'd have to modify this method.
https://github.com/cli/cli/blob/trunk/pkg/cmd/auth/status/status.go#L94
There was a problem hiding this comment.
Good point about the cfg.AuthToken method. I have looked up how that works and saw that the fixes would have to be applied to our external library (go-gh). I've proposed some changes there: cli/go-gh#105
If we decide to go that route and the go-gh change gets merged, there will be no need for this PR, as the issue will be solved. However, I thank you for proposing to fix this in the first place. Let's first see what happens with the other PR; I will update this thread accordingly.
mislav
approved these changes
Apr 17, 2023
renovate bot
added a commit
to scottames/dots
that referenced
this pull request
Apr 29, 2023
[](https://renovatebot.com) This PR contains the following updates: | Package | Update | Change | |---|---|---| | [aquaproj/aqua-registry](https://togithub.com/aquaproj/aqua-registry) | minor | `v3.158.0` -> `v3.159.0` | | [cli/cli](https://togithub.com/cli/cli) | minor | `v2.27.0` -> `v2.28.0` | | [weaveworks/eksctl](https://togithub.com/weaveworks/eksctl) | minor | `v0.138.0` -> `v0.139.0` | --- ### Release Notes <details> <summary>aquaproj/aqua-registry</summary> ### [`v3.159.0`](https://togithub.com/aquaproj/aqua-registry/releases/tag/v3.159.0) [Compare Source](https://togithub.com/aquaproj/aqua-registry/compare/v3.158.1...v3.159.0) [Issues](https://togithub.com/aquaproj/aqua-registry/issues?q=is%3Aissue+milestone%3Av3.159.0) | [Pull Requests](https://togithub.com/aquaproj/aqua-registry/pulls?q=is%3Apr+milestone%3Av3.159.0) | aquaproj/aqua-registry@v3.158.0...v3.159.0 #### 🎉 New Packages [#​11807](https://togithub.com/aquaproj/aqua-registry/issues/11807) [kubecfg/kubecfg](https://togithub.com/kubecfg/kubecfg): A tool for managing complex enterprise Kubernetes environments as code [#​11808](https://togithub.com/aquaproj/aqua-registry/issues/11808) [loov/goda](https://togithub.com/loov/goda): Go Dependency Analysis toolkit #### Fixes [#​11806](https://togithub.com/aquaproj/aqua-registry/issues/11806) solidiquis/erdtree: Follow up changes of erdtree v2.0.0 https://github.com/solidiquis/erdtree/releases/tag/v2.0.0 > Perhaps the most important change to note is that the compiled binary has been renamed from et to erd in order to address the following issue > regarding name collisions with other programs > > - [solidiquis/erdtree#23 ### [`v3.158.1`](https://togithub.com/aquaproj/aqua-registry/releases/tag/v3.158.1) [Compare Source](https://togithub.com/aquaproj/aqua-registry/compare/v3.158.0...v3.158.1) [Issues](https://togithub.com/aquaproj/aqua-registry/issues?q=is%3Aissue+milestone%3Av3.158.1) | [Pull Requests](https://togithub.com/aquaproj/aqua-registry/pulls?q=is%3Apr+milestone%3Av3.158.1) | aquaproj/aqua-registry@v3.158.0...v3.158.1 #### Fixes [#​11790](https://togithub.com/aquaproj/aqua-registry/issues/11790) Follow up changes of cli/cli v2.28.0 [@​kyontan](https://togithub.com/kyontan) GitHub's CLI (cli/cli) changed format for macOS to zip (from tar.gz) since v2.28.0 See https://github.com/cli/cli/releases/tag/v2.28.0 for details. </details> <details> <summary>cli/cli</summary> ### [`v2.28.0`](https://togithub.com/cli/cli/releases/tag/v2.28.0): GitHub CLI 2.28.0 [Compare Source](https://togithub.com/cli/cli/compare/v2.27.0...v2.28.0) #### What's New - macOS binaries are now signed and notarized -⚠️ macOS archives attached to our releases are no longer `.tar.gz`, but `.zip` instead. This is because `.tar.gz` archives cannot be notarized. - The `checksums.txt` file attached to every release now includes the checksum of the Windows MSI installer too. - macOS and Windows binaries are now compiled from their respective platforms and have `cgo` enabled. This might help resolve respecting system proxy settings and avoid related networking issues. - `issue edit`: edit multiple issues at the same time by [@​heaths](https://togithub.com/heaths) in [cli/cli#7259 - Add `gh org list` by [@​joshkraft](https://togithub.com/joshkraft) in [cli/cli#7257 - `ssh-key`: add ability to manage signing keys by [@​kousikmitra](https://togithub.com/kousikmitra) in [cli/cli#7270 - `search`: enable owner flag to take multiple values by [@​kousikmitra](https://togithub.com/kousikmitra) in [cli/cli#7305 - `codespace`: add `--web` flag for `list` & `create` commands by [@​doaortu](https://togithub.com/doaortu) in [cli/cli#7288 - Our Debian & RPM packages now ship with shell completion scripts by [@​Xerkus](https://togithub.com/Xerkus) in [cli/cli#7293 - `run list`: add `--event` and `--created` filters by [@​cawfeecake](https://togithub.com/cawfeecake) in [cli/cli#7363 [cli/cli#7352 - `repo`: add `visibility` JSON field by [@​yeikel](https://togithub.com/yeikel) in [cli/cli#7337 #### What's Changed - Fix typo in `cs stop` command: `Stoppping` -> `Stopping` by [@​FalseDev](https://togithub.com/FalseDev) in [cli/cli#7318 - Update go-gh to v2 by [@​samcoe](https://togithub.com/samcoe) in [cli/cli#7299 - `auth login`: normalize host name by [@​tuananhlai](https://togithub.com/tuananhlai) in [cli/cli#6999 - build(deps): bump github.com/cenkalti/backoff/v4 from 4.2.0 to 4.2.1 by [@​dependabot](https://togithub.com/dependabot) in [cli/cli#7323 - Clarify how SSH keys are selected for `gh codespace ssh` by [@​jkeech](https://togithub.com/jkeech) in [cli/cli#7325 - Initialize deployment.yml workflow file by [@​mislav](https://togithub.com/mislav) in [cli/cli#7328 - Fix `gh cs ports` requiring `sudo` for privileged port numbers by [@​cmbrose](https://togithub.com/cmbrose) in [cli/cli#7326 - Correct some typos by [@​goggle](https://togithub.com/goggle) in [cli/cli#7342 - Diacritics substitution in prompt by [@​benjlevesque](https://togithub.com/benjlevesque) in [cli/cli#7205 - gh: move `CODEOWNERS` inside the `.github/` dir by [@​SauravMaheshkar](https://togithub.com/SauravMaheshkar) in [cli/cli#7366 - Pretty-print gh api output when using --jq by [@​mjpieters](https://togithub.com/mjpieters) in [cli/cli#7236 #### New Contributors - [@​joshkraft](https://togithub.com/joshkraft) made their first contribution in [cli/cli#7257 - [@​kousikmitra](https://togithub.com/kousikmitra) made their first contribution in [cli/cli#7270 - [@​doaortu](https://togithub.com/doaortu) made their first contribution in [cli/cli#7288 - [@​FalseDev](https://togithub.com/FalseDev) made their first contribution in [cli/cli#7318 - [@​tuananhlai](https://togithub.com/tuananhlai) made their first contribution in [cli/cli#6999 - [@​goggle](https://togithub.com/goggle) made their first contribution in [cli/cli#7342 - [@​Xerkus](https://togithub.com/Xerkus) made their first contribution in [cli/cli#7293 - [@​cawfeecake](https://togithub.com/cawfeecake) made their first contribution in [cli/cli#7363 - [@​yeikel](https://togithub.com/yeikel) made their first contribution in [cli/cli#7337 - [@​SauravMaheshkar](https://togithub.com/SauravMaheshkar) made their first contribution in [cli/cli#7366 - [@​mjpieters](https://togithub.com/mjpieters) made their first contribution in [cli/cli#7236 **Full Changelog**: cli/cli@v2.27.0...v2.28.0 </details> <details> <summary>weaveworks/eksctl</summary> ### [`v0.139.0`](https://togithub.com/weaveworks/eksctl/releases/tag/v0.139.0): eksctl 0.139.0 (permalink) [Compare Source](https://togithub.com/weaveworks/eksctl/compare/0.138.0...0.139.0) ### Release v0.139.0 #### 🚀 Features - Security Policy for eksctl project ([#​6541](https://togithub.com/weaveworks/eksctl/issues/6541)) #### 🐛 Bug Fixes - Fix flux version validation ([#​6530](https://togithub.com/weaveworks/eksctl/issues/6530)) #### 📝 Documentation - Fix empty info block on Default Addon Upgrades page ([#​6524](https://togithub.com/weaveworks/eksctl/issues/6524)) - Update installation instructions ([#​6376](https://togithub.com/weaveworks/eksctl/issues/6376)) - AWS Private link support for fully private cluster ([#​6408](https://togithub.com/weaveworks/eksctl/issues/6408)) #### Acknowledgments Weaveworks would like to sincerely thank: [@​thezanke](https://togithub.com/thezanke), and [@​yuxiang-zhang](https://togithub.com/yuxiang-zhang) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/scottames/dots). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNS41OC4yIiwidXBkYXRlZEluVmVyIjoiMzUuNjMuMSJ9--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
jtpetty
pushed a commit
that referenced
this pull request
May 22, 2023
](https://renovatebot.com){kind=link}
Co-authored-by: Mislav Marohnić <mislav@github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #6979
Normalize hostname before write to config file / login.