johba/disinto
1
0
Fork 0
Code Issues 4 Pull requests Projects Releases Packages Wiki Activity Actions

fix: preflight API check uses /user endpoint which requires read:user scope (#569)

Browse source 
Replace /api/v1/user with /api/v1/repos/{owner}/{repo} in three places:
- preflight_check() auth verification
- setup_codeberg_auth() --token flag verification
- setup_codeberg_auth() interactive flow verification

The repo endpoint only requires repo-level access, which matches the
scopes disinto actually needs (write:issue, write:repository). Tokens
without read:user scope now pass verification correctly.

Also use generic "token" as netrc login since the username is no longer
retrieved from the API (git operations authenticate via the token, not
the login field).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
openhands 2026-03-22 20:07:20 +00:00
parent 80895c800d
commit 1265fa2d3b
1 changed files with 16 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

32
bin/disinto
View file

@ -84,19 +84,20 @@ write_netrc() {
# Args: [token_from_flag] # Args: [token_from_flag]
setup_codeberg_auth() { setup_codeberg_auth() {
local token_flag="${1:-}" local token_flag="${1:-}"
local repo_slug="${2:-}"
# --token flag takes priority: verify and save # --token flag takes priority: verify and save
if [ -n "$token_flag" ]; then if [ -n "$token_flag" ]; then
local login local verify_url="https://codeberg.org/api/v1/repos/${repo_slug}"
login=$(curl -sf --max-time 10 \ if ! curl -sf --max-time 10 \
-H "Authorization: token ${token_flag}" \ -H "Authorization: token ${token_flag}" \
"https://codeberg.org/api/v1/user" | jq -r '.login') || { "$verify_url" >/dev/null 2>&1; then
echo "Error: provided token failed verification" >&2 echo "Error: provided token failed verification" >&2
exit 1 exit 1
} fi
write_netrc "$login" "$token_flag" write_netrc "token" "$token_flag"
echo "Saving to ~/.netrc... done." echo "Saving to ~/.netrc... done."
echo "Verified: logged in as ${login} ✓" echo "Verified: token accepted ✓"
export CODEBERG_TOKEN="$token_flag" export CODEBERG_TOKEN="$token_flag"
return return
fi fi
@ -138,12 +139,10 @@ setup_codeberg_auth() {
continue continue
fi fi
local login local verify_url="https://codeberg.org/api/v1/repos/${repo_slug}"
login=$(curl -sf --max-time 10 \ if ! curl -sf --max-time 10 \
-H "Authorization: token ${token_input}" \ -H "Authorization: token ${token_input}" \
"https://codeberg.org/api/v1/user" 2>/dev/null | jq -r '.login' 2>/dev/null) || login="" "$verify_url" >/dev/null 2>&1; then
if [ -z "$login" ]; then
echo "Token verification failed. Check your token and try again." >&2 echo "Token verification failed. Check your token and try again." >&2
read -rp "Retry? [Y/n] " retry read -rp "Retry? [Y/n] " retry
if [[ "$retry" =~ ^[Nn] ]]; then if [[ "$retry" =~ ^[Nn] ]]; then
@ -153,9 +152,9 @@ setup_codeberg_auth() {
continue continue
fi fi
write_netrc "$login" "$token_input" write_netrc "token" "$token_input"
echo "Saving to ~/.netrc... done." echo "Saving to ~/.netrc... done."
echo "Verified: logged in as ${login} ✓" echo "Verified: token accepted ✓"
export CODEBERG_TOKEN="$token_input" export CODEBERG_TOKEN="$token_input"
return return
done done
@ -163,6 +162,7 @@ setup_codeberg_auth() {
# Preflight check — verify all factory requirements before proceeding. # Preflight check — verify all factory requirements before proceeding.
preflight_check() { preflight_check() {
local repo_slug="${1:-}"
local errors=0 local errors=0
# ── Required commands ── # ── Required commands ──
@ -216,7 +216,7 @@ preflight_check() {
else else
curl_args+=(--netrc) curl_args+=(--netrc)
fi fi
if ! curl "${curl_args[@]}" "https://codeberg.org/api/v1/user" >/dev/null 2>&1; then if ! curl "${curl_args[@]}" "https://codeberg.org/api/v1/repos/${repo_slug}" >/dev/null 2>&1; then
echo "Error: Codeberg API auth failed" >&2 echo "Error: Codeberg API auth failed" >&2
echo " Verify your CODEBERG_TOKEN or ~/.netrc credentials" >&2 echo " Verify your CODEBERG_TOKEN or ~/.netrc credentials" >&2
errors=$((errors + 1)) errors=$((errors + 1))
@ -493,10 +493,10 @@ p.write_text(text)
fi fi
# Set up Codeberg auth (interactive if needed, before preflight) # Set up Codeberg auth (interactive if needed, before preflight)
setup_codeberg_auth "$token_flag" setup_codeberg_auth "$token_flag" "$codeberg_repo"
# Preflight: verify factory requirements # Preflight: verify factory requirements
preflight_check preflight_check "$codeberg_repo"
# Determine repo root (for new projects) # Determine repo root (for new projects)
repo_root="${repo_root:-/home/${USER}/${project_name}}" repo_root="${repo_root:-/home/${USER}/${project_name}}"