gist 4.6.0 → 6.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 306aea3698bda142b6130a3160a10c7cfc816142
-  data.tar.gz: b5cc50975bfa626326ac4c865f2d1849d3b95d50
+SHA256:
+  metadata.gz: 78e3d009d0e3e3a535d20e8d7e0582705c6ea61308958c3f59a4d4a2e365fa3c
+  data.tar.gz: 23df778298090151ce7e2b8f3dbb8f97786bc7d576f218be1aeb454123090e91
 SHA512:
-  metadata.gz: 4f65b5b05ce628788db1fc1324191fa51c56f39827474efb44c0cbcef690001a89be5626b490a0111989ccea4a882fcb2e1d360cc75742d58fb2846e285a2129
-  data.tar.gz: 339e1387cb0f267a8a49e37963fc01fc353d6e77c7e1546ad029234c21672580ffac2ce0366e9443d22a020b9f92e5f4ac7c9cb30decc18ac3bb5ff5436fe3d6
+  metadata.gz: 70506cc45562b725085e2f10d5627a3ac4c700fa6e599e39a6625629fbd2c63903b2d42a4a95d9642f0ac01893bd8de27d72acb7e4622eaa44ab4ea96b08840c
+  data.tar.gz: b3476f46cb844603a169e3a67fae3bb37e5399494ddec6c78178f4bb664a90cda642c5be780ea007d12e96cc96312f695b86827872bc4947603c092a4e3d6774

data/README.md

@@ -21,6 +21,11 @@ upload content to https://gist.github.com/.
 
     brew install gist
 
+‌For FreeBSD, gist lives in ports
+
+    pkg install gist
+
+
 ## Command
 
 ‌To upload the contents of `a.rb` just:
@@ -79,12 +84,29 @@ To read a gist and print it to STDOUT
 
 ## Login
 
-If you want to associate your gists with your GitHub account, you need to login
-with gist. It doesn't store your username and password, it just uses them to get
-an OAuth2 token (with the "gist" permission).
+Before you use `gist` for the first time you will need to log in. There are two supported login flows:
+
+1. The Github device-code Oauth flow. This is the default for authenticating to github.com, and can be enabled for Github Enterprise by creating an Oauth app, and exporting the environment variable `GIST_CLIENT_ID` with the client id of the Oauth app.
+2. The (deprecated) username and password token exchange flow. This is the default for GitHub Enterprise, and can be used to log into github.com by exporting the environment variable `GIST_USE_USERNAME_AND_PASSWORD`.
+
+### The device-code flow
+
+This flow allows you to obtain a token by logging into GitHub in the browser and typing a verification code. This is the preferred mechanism.
 
     gist --login
-    Obtaining OAuth2 access_token from github.
+    Requesting login parameters...
+    Please sign in at https://github.com/login/device
+      and enter code: XXXX-XXXX
+    Success! https://github.com/settings/connections/applications/4f7ec0d4eab38e74384e
+
+The returned access_token is stored in `~/.gist` and used for all future gisting.  If you need to you can revoke access from  https://github.com/settings/connections/applications/4f7ec0d4eab38e74384e.
+
+### The username-password flow
+
+This flow asks for your GitHub username and password (and 2FA code), and exchanges them for a token with the "gist" permission (your username and password are not stored). This mechanism is deprecated by GitHub, but may still work with GitHub Enterprise.
+
+    gist --login
+    Obtaining OAuth2 access_token from GitHub.
     GitHub username: ConradIrwin
     GitHub password:
     2-factor auth code:
@@ -94,9 +116,21 @@ This token is stored in `~/.gist` and used for all future gisting. If you need t
 you can revoke it from https://github.com/settings/tokens, or just delete the
 file. 
 
-‌After you've done this, you can still upload gists anonymously with `-a`.
+#### Password-less login
+
+If you have a complicated authorization requirement you can manually create a
+token file by pasting a GitHub token with `gist` scope (and maybe the `user:email`
+for GitHub Enterprise) into a file called `~/.gist`. You can create one from
+https://github.com/settings/tokens
+
+This file should contain only the token (~40 hex characters), and to make it
+easier to edit, can optionally have a final newline (`\n` or `\r\n`).
+
+For example, one way to create this file would be to run:
+
+    (umask 0077 && echo MY_SECRET_TOKEN > ~/.gist)
 
-    gist -a a.rb
+The `umask` ensures that the file is only accessible from your user account.
 
 ### GitHub Enterprise
 
@@ -106,10 +140,10 @@ you need to export the `GITHUB_URL` environment variable (usually done in your `
     export GITHUB_URL=http://github.internal.example.com/
 
 Once you've done this and restarted your terminal (or run `source ~/.bashrc`), gist will
-automatically use github enterprise instead of the public github.com
+automatically use GitHub Enterprise instead of the public github.com
 
 Your token for GitHub Enterprise will be stored in `.gist.<protocol>.<server.name>[.<port>]` (e.g.
-`~.gist.http.github.internal.example.com` for the GITHUB_URL example above) instead of `~/.gist`.
+`~/.gist.http.github.internal.example.com` for the GITHUB_URL example above) instead of `~/.gist`.
 
 If you have multiple servers or use Enterprise and public GitHub often, you can work around this by creating scripts
 that set the env var and then run `gist`. Keep in mind that to use the public GitHub you must unset the env var. Just
@@ -137,11 +171,10 @@ If you need more advanced features you can also pass:
 * `:public` if you want your gist to have a guessable url.
 * `:description` to add a description to your gist.
 * `:update` to update an existing gist (can be a URL or an id).
-* `:anonymous` to submit an anonymous gist (default is false).
 * `:copy` to copy the resulting URL to the clipboard (default is false).
 * `:open` to open the resulting URL in a browser (default is false).
 
-NOTE: The access_token must have the "gist" scope.
+NOTE: The access_token must have the `gist` scope and may also require the `user:email` scope.
 
 ‌If you want to upload multiple files in the same gist, you can:
 

data/Rakefile

@@ -23,9 +23,7 @@ task :standalone do
     f.puts "#!/usr/bin/env ruby"
     f.puts "# This is generated from https://github.com/defunkt/gist using 'rake standalone'"
     f.puts "# any changes will be overwritten."
-    f.puts File.read("lib/gist.rb")
-        .split("require 'json'\n").join(File.read("vendor/json.rb"))
-        .split("require 'netrc'\n").join(File.read("vendor/netrc.rb"))
+    f.puts File.read("lib/gist.rb").split("require 'json'\n").join(File.read("vendor/json.rb"))
 
     f.puts File.read("bin/gist").gsub(/^require.*gist.*\n/, '');
   end

data/bin/gist

@@ -24,16 +24,12 @@ specified STDIN will be read. The default filename for STDIN is "a.rb", and all
 filenames can be overridden by repeating the "-f" flag. The most useful reason
 to do this is to change the syntax highlighting.
 
-If you'd like your gists to be associated with your GitHub account, so that you
-can edit them and find them in future, first use `gist --login` to obtain an
-Oauth2 access token. This is stored and used by gist in the future.
+All gists must to be associated with a GitHub account, so you will need to login with
+`gist --login` to obtain an OAuth2 access token. This is stored and used by gist in the future.
 
 Private gists do not have guessable URLs and can be created with "-p", you can
 also set the description at the top of the gist by passing "-d".
 
-Anonymous gists are not associated with your GitHub account, they can be created
-with "-a" even after you have used "gist --login".
-
 If you would like to shorten the resulting gist URL, use the -s flag. This will
 use GitHub's URL shortener, git.io. You can also use -R to get the link to the
 raw gist.
@@ -47,7 +43,11 @@ Instead of creating a new gist, you can update an existing one by passing its ID
 or URL with "-u". For this to work, you must be logged in, and have created the
 original gist with the same GitHub account.
 
-Usage: #{executable_name} [-o|-c|-e] [-p] [-s] [-R] [-d DESC] [-a] [-u URL] [-P] [-f NAME|-t EXT]* FILE*
+If you want to skip empty files, use the --skip-empty flag. If all files are
+empty no gist will be created.
+
+Usage: #{executable_name} [-o|-c|-e] [-p] [-s] [-R] [-d DESC] [-u URL]
+                          [--skip-empty] [-P] [-f NAME|-t EXT]* FILE*
        #{executable_name} --login
        #{executable_name} [-l|-r]
 
@@ -88,10 +88,6 @@ Usage: #{executable_name} [-o|-c|-e] [-p] [-s] [-R] [-d DESC] [-a] [-u URL] [-P]
     options[:update] = update
   end
 
-  opts.on("-a", "--anonymous", "Create an anonymous gist.") do
-    options[:anonymous] = true
-  end
-
   opts.on("-c", "--copy", "Copy the resulting URL to the clipboard") do
     options[:copy] = true
   end
@@ -107,6 +103,10 @@ Usage: #{executable_name} [-o|-c|-e] [-p] [-s] [-R] [-d DESC] [-a] [-u URL] [-P]
 
   opts.on("--no-open")
 
+  opts.on("--skip-empty", "Skip gisting empty files") do
+    options[:skip_empty] = true
+  end
+
   opts.on("-P", "--paste", "Paste from the clipboard to gist") do
     options[:paste] = true
   end
@@ -140,6 +140,12 @@ Usage: #{executable_name} [-o|-c|-e] [-p] [-s] [-R] [-d DESC] [-a] [-u URL] [-P]
 end.parse!
 
 begin
+  if Gist.auth_token.nil?
+    puts 'Please log in with `gist --login`. ' \
+      '(GitHub now requires credentials to gist https://bit.ly/2GBBxKw)'
+    exit(1)
+  end
+
   options[:output] = if options[:embed] && options[:shorten]
                        raise Gist::Error, "--embed does not make sense with --shorten"
                      elsif options[:embed]
@@ -195,7 +201,8 @@ begin
         end
     end
 
-    puts Gist.multi_gist(files, options)
+    output = Gist.multi_gist(files, options)
+    puts output if output
   end
 
 rescue Gist::Error => e

data/gist.gemspec

@@ -9,7 +9,7 @@ Gem::Specification.new do |s|
   s.email         = ['conrad.irwin@gmail.com', 'rkingist@sharpsaw.org']
   s.authors       = ['Conrad Irwin', '☈king']
   s.license       = 'MIT'
-  s.files         = `git ls-files`.split("\n")
+  s.files         = `git ls-files`.split("\n") - Dir.glob("build/*") - [".gitignore"]
   s.require_paths = ["lib"]
 
   s.executables << 'gist'

data/lib/gist.rb

@@ -8,17 +8,11 @@ rescue LoadError
   require File.join File.dirname(File.dirname(__FILE__)), 'vendor', 'json.rb'
 end
 
-begin
-  require 'netrc'
-rescue LoadError
-  require File.join File.dirname(File.dirname(__FILE__)), 'vendor', 'netrc.rb'
-end
-
 # It just gists.
 module Gist
   extend self
 
-  VERSION = '4.6.0'
+  VERSION = '6.0.0'
 
   # A list of clipboard commands with copy and paste support.
   CLIPBOARD_COMMANDS = {
@@ -29,12 +23,16 @@ module Gist
   }
 
   GITHUB_API_URL   = URI("https://api.github.com/")
+  GITHUB_URL       = URI("https://github.com/")
   GIT_IO_URL       = URI("https://git.io")
 
   GITHUB_BASE_PATH = ""
   GHE_BASE_PATH    = "/api/v3"
 
+  GITHUB_CLIENT_ID = '4f7ec0d4eab38e74384e'
+
   URL_ENV_NAME     = "GITHUB_URL"
+  CLIENT_ID_ENV_NAME = "GIST_CLIENT_ID"
 
   USER_AGENT       = "gist/#{VERSION} (Net::HTTP, #{RUBY_DESCRIPTION})"
 
@@ -50,7 +48,7 @@ module Gist
   module AuthTokenFile
     def self.filename
       if ENV.key?(URL_ENV_NAME)
-        File.expand_path "~/.gist.#{ENV[URL_ENV_NAME].gsub(/:/, '.').gsub(/[^a-z0-9.]/, '')}"
+        File.expand_path "~/.gist.#{ENV[URL_ENV_NAME].gsub(/:/, '.').gsub(/[^a-z0-9.-]/, '')}"
       else
         File.expand_path "~/.gist"
       end
@@ -71,7 +69,7 @@ module Gist
   #
   # @return [String] string value of access token or `nil`, if not found
   def auth_token
-    @token ||= AuthTokenFile.read rescue nil || Netrc.read[self.api_url.host][1]
+    @token ||= AuthTokenFile.read rescue nil
   end
 
   # Upload a gist to https://gist.github.com
@@ -82,10 +80,14 @@ module Gist
   #
   # @see http://developer.github.com/v3/gists/
   def gist(content, options = {})
-    filename = options[:filename] || "a.rb"
+    filename = options[:filename] || default_filename
     multi_gist({filename => content}, options)
   end
 
+  def default_filename
+    "gistfile1.txt"
+  end
+
   # Upload a gist to https://gist.github.com
   #
   # @param [Hash] files  the code you'd like to gist: filename => content
@@ -98,6 +100,7 @@ module Gist
   # @option options [String] :update  the URL or id of a gist to update
   # @option options [Boolean] :copy  (false) Copy resulting URL to clipboard, if successful.
   # @option options [Boolean] :open  (false) Open the resulting URL in a browser.
+  # @option options [Boolean] :skip_empty (false) Skip gisting empty files.
   # @option options [Symbol] :output (:all) The type of return value you'd like:
   #   :html_url gives a String containing the url to the gist in a browser
   #   :short_url gives a String contianing a  git.io url that redirects to html_url
@@ -109,6 +112,13 @@ module Gist
   #
   # @see http://developer.github.com/v3/gists/
   def multi_gist(files, options={})
+    if options[:anonymous]
+      raise 'Anonymous gists are no longer supported. Please log in with `gist --login`. ' \
+        '(GitHub now requires credentials to gist https://bit.ly/2GBBxKw)'
+    else
+      access_token = (options[:access_token] || auth_token())
+    end
+
     json = {}
 
     json[:description] = options[:description] if options[:description]
@@ -116,22 +126,23 @@ module Gist
     json[:files] = {}
 
     files.each_pair do |(name, content)|
-      raise "Cannot gist empty files" if content.to_s.strip == ""
-      json[:files][File.basename(name)] = {:content => content}
+      if content.to_s.strip == ""
+        raise "Cannot gist empty files" unless options[:skip_empty]
+      else
+        name = name == "-" ? default_filename : File.basename(name)
+        json[:files][name] = {:content => content}
+      end
     end
 
+    return if json[:files].empty? && options[:skip_empty]
+
     existing_gist = options[:update].to_s.split("/").last
-    if options[:anonymous]
-      access_token = nil
-    else
-      access_token = (options[:access_token] || auth_token())
-    end
 
     url = "#{base_path}/gists"
     url << "/" << CGI.escape(existing_gist) if existing_gist.to_s != ''
-    url << "?access_token=" << CGI.escape(access_token) if access_token.to_s != ''
 
     request = Net::HTTP::Post.new(url)
+    request['Authorization'] = "token #{access_token}" if access_token.to_s != ''
     request.body = JSON.dump(json)
     request.content_type = 'application/json'
 
@@ -167,9 +178,10 @@ module Gist
     if user == ""
       access_token = auth_token()
       if access_token.to_s != ''
-        url << "/gists?access_token=" << CGI.escape(access_token)
+        url << "/gists"
 
         request = Net::HTTP::Get.new(url)
+        request['Authorization'] = "token #{access_token}"
         response = http(api_url, request)
 
         pretty_gist(response)
@@ -192,24 +204,21 @@ module Gist
     url = "#{base_path}"
 
     if user == ""
-      access_token = auth_token()
-      if access_token.to_s != ''
-        url << "/gists?per_page=100&access_token=" << CGI.escape(access_token)
-        get_gist_pages(url)
-      else
-        raise Error, "Not authenticated. Use 'gist --login' to login or 'gist -l username' to view public gists."
-      end
-
+      url << "/gists?per_page=100"
     else
       url << "/users/#{user}/gists?per_page=100"
-      get_gist_pages(url)
     end
 
+    get_gist_pages(url, auth_token())
   end
 
   def read_gist(id, file_name=nil)
     url = "#{base_path}/gists/#{id}"
+
+    access_token = auth_token()
+
     request = Net::HTTP::Get.new(url)
+    request['Authorization'] = "token #{access_token}" if access_token.to_s != ''
     response = http(api_url, request)
 
     if response.code == '200'
@@ -235,9 +244,8 @@ module Gist
 
     access_token = auth_token()
     if access_token.to_s != ''
-      url << "?access_token=" << CGI.escape(access_token)
-
       request = Net::HTTP::Delete.new(url)
+      request["Authorization"] = "token #{access_token}"
       response = http(api_url, request)
     else
       raise Error, "Not authenticated. Use 'gist --login' to login."
@@ -250,9 +258,10 @@ module Gist
     end
   end
 
-  def get_gist_pages(url)
+  def get_gist_pages(url, access_token = "")
 
     request = Net::HTTP::Get.new(url)
+    request['Authorization'] = "token #{access_token}" if access_token.to_s != ''
     response = http(api_url, request)
     pretty_gist(response)
 
@@ -260,7 +269,7 @@ module Gist
 
     if link_header
       links = Hash[ link_header.gsub(/(<|>|")/, "").split(',').map { |link| link.split('; rel=') } ].invert
-      get_gist_pages(links['next']) if links['next']
+      get_gist_pages(links['next'], access_token) if links['next']
     end
 
   end
@@ -324,16 +333,72 @@ module Gist
 
   # Log the user into gist.
   #
+  def login!(credentials={})
+    if (login_url == GITHUB_URL || ENV.key?(CLIENT_ID_ENV_NAME)) && credentials.empty? && !ENV.key?('GIST_USE_USERNAME_AND_PASSWORD')
+      device_flow_login!
+    else
+      access_token_login!(credentials)
+    end
+  end
+
+  def device_flow_login!
+    puts "Requesting login parameters..."
+    request = Net::HTTP::Post.new("/login/device/code")
+    request.body = JSON.dump({
+      :scope => 'gist',
+      :client_id => client_id,
+    })
+    request.content_type = 'application/json'
+    request['accept'] = "application/json"
+    response = http(login_url, request)
+
+    if response.code != '200'
+      raise Error, "HTTP #{response.code}: #{response.body}"
+    end
+
+    body = JSON.parse(response.body)
+
+    puts "Please sign in at #{body['verification_uri']}"
+    puts "  and enter code: #{body['user_code']}"
+    device_code = body['device_code']
+    interval = body['interval']
+
+    loop do
+      sleep(interval.to_i)
+      request = Net::HTTP::Post.new("/login/oauth/access_token")
+      request.body = JSON.dump({
+        :client_id => client_id,
+        :grant_type => 'urn:ietf:params:oauth:grant-type:device_code',
+        :device_code => device_code
+      })
+      request.content_type = 'application/json'
+      request['Accept'] = 'application/json'
+      response = http(login_url, request)
+      if response.code != '200'
+        raise Error, "HTTP #{response.code}: #{response.body}"
+      end
+      body = JSON.parse(response.body)
+      break unless body['error'] == 'authorization_pending'
+    end
+
+    if body['error']
+      raise Error, body['error_description']
+    end
+
+    AuthTokenFile.write JSON.parse(response.body)['access_token']
+
+    puts "Success! #{ENV[URL_ENV_NAME] || "https://github.com/"}settings/connections/applications/#{client_id}"
+  end
+
+  # Logs the user into gist.
+  #
   # This method asks the user for a username and password, and tries to obtain
   # and OAuth2 access token, which is then stored in ~/.gist
   #
   # @raise [Gist::Error]  if something went wrong
-  # @param [Hash] credentials  login details
-  # @option credentials [String] :username
-  # @option credentials [String] :password
   # @see http://developer.github.com/v3/oauth/
-  def login!(credentials={})
-    puts "Obtaining OAuth2 access_token from github."
+  def access_token_login!(credentials={})
+    puts "Obtaining OAuth2 access_token from GitHub."
     loop do
       print "GitHub username: "
       username = credentials[:username] || $stdin.gets.strip
@@ -389,7 +454,11 @@ module Gist
     env = ENV['http_proxy'] || ENV['HTTP_PROXY']
     connection = if env
                    proxy = URI(env)
-                   Net::HTTP::Proxy(proxy.host, proxy.port).new(uri.host, uri.port)
+                   if proxy.user
+                     Net::HTTP::Proxy(proxy.host, proxy.port, proxy.user, proxy.password).new(uri.host, uri.port)
+                   else
+                     Net::HTTP::Proxy(proxy.host, proxy.port).new(uri.host, uri.port)
+                   end
                  else
                    Net::HTTP.new(uri.host, uri.port)
                  end
@@ -543,11 +612,19 @@ Could not find copy command, tried:
     ENV.key?(URL_ENV_NAME) ? GHE_BASE_PATH : GITHUB_BASE_PATH
   end
 
+  def login_url
+    ENV.key?(URL_ENV_NAME) ? URI(ENV[URL_ENV_NAME]) : GITHUB_URL
+  end
+
   # Get the API URL
   def api_url
     ENV.key?(URL_ENV_NAME) ? URI(ENV[URL_ENV_NAME]) : GITHUB_API_URL
   end
 
+  def client_id
+    ENV.key?(CLIENT_ID_ENV_NAME) ? URI(ENV[CLIENT_ID_ENV_NAME]) : GITHUB_CLIENT_ID
+  end
+
   def legacy_private_gister?
     return unless which('git')
     `git config --global gist.private` =~ /\Ayes|1|true|on\z/i