Conversation
Adds `xp auth login` which runs the X-point OAuth2 Authorization Code flow with PKCE. The CLI binds an HTTP listener on a random free localhost port for the redirect callback, opens the browser, exchanges the authorization code for tokens, and persists them in the system keyring (via zalando/go-keyring) keyed by subdomain. Subsequent commands resolve credentials in the order: flag > XPOINT_* env > keyring-saved OAuth token. The keyring path auto-refreshes the access token when expired and writes the new tokens back so the user never sees expiry errors. Adds `xp auth status` for inspecting the saved token (values are masked to "***", never printed) and `XP_DEBUG=1` for HTTP request/response debug logging on stderr (with redacted Authorization header). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
成功時はstdout側で整形済み出力がすでにあるため、 stderrにもレスポンスボディを出すと `> /dev/null` しても ターミナルにJSONが残って見えてしまう。エラー時のみ ボディをダンプするように変更。 Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
`xp auth login` 時に最後に使ったsubdomainをkeyringに `__default_subdomain__` キーで保存し、`resolveSubdomain()` でフラグ/環境変数が未指定のときのフォールバックとして 利用する。一度ログインすればXPOINT_SUBDOMAINの指定が 不要になる。 Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
buty4649
force-pushed
the
worktree-oauth-auth
branch
from
eba7097 to
16ebded
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
xp auth loginを追加。X-point の OAuth2 Authorization Code + PKCE フローを実行し、127.0.0.1のランダム空きポートでコールバックを待ち受けてブラウザで認証するxp form list等の認証解決順は フラグ >XPOINT_*env > キーリング(OAuth) 。キーリング経路ではアクセストークン期限切れ時に自動で refresh して再保存するxp auth status… 保存トークンの状態確認(トークン値は***で完全マスク)XP_DEBUG=1… HTTP リクエスト/レスポンスを stderr にダンプ(Authorizationヘッダはマスク)主な変更ファイル
cmd/auth.go…xp auth login/xp auth status実装internal/xpoint/oauth.go… PKCE 生成、authorization URL 構築、token endpoint 呼び出し、Authorization Code フローinternal/xpoint/tokenstore.go… キーリング経由の保存/読込/削除cmd/root.go,cmd/form.go… 認証解決ロジックを再構成仕様参照
X-point API ドキュメント 2.3.1 OAuth2認証(Authorization)
Test plan
go test ./...golangci-lint run ./...xp auth login成功 →xp form listで API 呼び出し成功を確認🤖 Generated with Claude Code