gist 5.1.0 → 6.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b81d6d7f5378a97ea2110a82b03f703ef3e288ac038c233428e0413149b5bb34
-  data.tar.gz: 2f01fcdd837e72af4a7ed7c53120b1605ad73fd15d15a4e8d4dd709d43775f7e
+  metadata.gz: a81ce3967b1095ead6ba1ca877a9c3f6de348de6a30b0f3d43489bbde1e82d2f
+  data.tar.gz: adc00b10a3514227ecfe8250a0a22af8df929e3cbffec78d33b0ec3cbf52dc2c
 SHA512:
-  metadata.gz: b5c0ae73ff4b52e917a485ad0e95b4a5520ba8212b39557a82ccc3cc8bf309a34ddfceedc67fe24222069ffd485fa857776238b05a57fc0c52ec7a215c6ca297
-  data.tar.gz: 9ded7356c613f6130bbb9b3c8859723c12a0c897073c6c6149c37038d3d3dd285a98dd2b773ba7dc036ba520e4b8440eec76c9468a22ff8a0213e70e0d8ddc52
+  metadata.gz: 450ee25c8f289acb02aa085ffe140801ed32ead7679f98d2e426315e2586c63224304dc4660820a80d75c3c6b011794cc53b6815d8754bddf4ba592b950197e7
+  data.tar.gz: 5831bd45e6d92a280e91ff4c7b28b635920480de9c663d473b37d3510cb5fe881d47583b976a5d7531e54df00cfdfa42ffe44ccb3be55ffb0f4829b38a2068ab

data/README.md

@@ -25,6 +25,11 @@ upload content to https://gist.github.com/.
 
     pkg install gist
 
+‌For Ubuntu/Debian
+
+    apt install gist
+
+Note: Debian renames the binary to `gist-paste` to avoid a name conflict.
 
 ## Command
 
@@ -84,9 +89,26 @@ To read a gist and print it to STDOUT
 
 ## Login
 
-If you want to associate your gists with your GitHub account, you need to login
-with gist. It doesn't store your username and password, it just uses them to get
-an OAuth2 token (with the "gist" permission).
+Before you use `gist` for the first time you will need to log in. There are two supported login flows:
+
+1. The Github device-code Oauth flow. This is the default for authenticating to github.com, and can be enabled for Github Enterprise by creating an Oauth app, and exporting the environment variable `GIST_CLIENT_ID` with the client id of the Oauth app.
+2. The (deprecated) username and password token exchange flow. This is the default for GitHub Enterprise, and can be used to log into github.com by exporting the environment variable `GIST_USE_USERNAME_AND_PASSWORD`.
+
+### The device-code flow
+
+This flow allows you to obtain a token by logging into GitHub in the browser and typing a verification code. This is the preferred mechanism.
+
+    gist --login
+    Requesting login parameters...
+    Please sign in at https://github.com/login/device
+      and enter code: XXXX-XXXX
+    Success! https://github.com/settings/connections/applications/4f7ec0d4eab38e74384e
+
+The returned access_token is stored in `~/.gist` and used for all future gisting.  If you need to you can revoke access from  https://github.com/settings/connections/applications/4f7ec0d4eab38e74384e.
+
+### The username-password flow
+
+This flow asks for your GitHub username and password (and 2FA code), and exchanges them for a token with the "gist" permission (your username and password are not stored). This mechanism is deprecated by GitHub, but may still work with GitHub Enterprise.
 
     gist --login
     Obtaining OAuth2 access_token from GitHub.
@@ -102,8 +124,9 @@ file.
 #### Password-less login
 
 If you have a complicated authorization requirement you can manually create a
-token file by pasting a GitHub token with only the `gist` permission into a
-file called `~/.gist`. You can create one from https://github.com/settings/tokens
+token file by pasting a GitHub token with `gist` scope (and maybe the `user:email`
+for GitHub Enterprise) into a file called `~/.gist`. You can create one from
+https://github.com/settings/tokens
 
 This file should contain only the token (~40 hex characters), and to make it
 easier to edit, can optionally have a final newline (`\n` or `\r\n`).
@@ -156,7 +179,7 @@ If you need more advanced features you can also pass:
 * `:copy` to copy the resulting URL to the clipboard (default is false).
 * `:open` to open the resulting URL in a browser (default is false).
 
-NOTE: The access_token must have the "gist" scope.
+NOTE: The access_token must have the `gist` scope and may also require the `user:email` scope.
 
 ‌If you want to upload multiple files in the same gist, you can:
 

data/bin/gist

@@ -173,7 +173,8 @@ begin
 
   if options.key? :read
     file_name = ARGV.first
-    Gist.read_gist(options[:read], file_name)
+    output = Gist.read_gist(options[:read], file_name)
+    puts output if output
     exit
   end
 

data/gist.gemspec

@@ -9,7 +9,7 @@ Gem::Specification.new do |s|
   s.email         = ['conrad.irwin@gmail.com', 'rkingist@sharpsaw.org']
   s.authors       = ['Conrad Irwin', '☈king']
   s.license       = 'MIT'
-  s.files         = `git ls-files`.split("\n")
+  s.files         = `git ls-files`.split("\n") - Dir.glob("build/*") - [".gitignore"]
   s.require_paths = ["lib"]
 
   s.executables << 'gist'

data/lib/gist.rb

@@ -12,7 +12,7 @@ end
 module Gist
   extend self
 
-  VERSION = '5.1.0'
+  VERSION = '6.1.0'
 
   # A list of clipboard commands with copy and paste support.
   CLIPBOARD_COMMANDS = {
@@ -23,12 +23,16 @@ module Gist
   }
 
   GITHUB_API_URL   = URI("https://api.github.com/")
+  GITHUB_URL       = URI("https://github.com/")
   GIT_IO_URL       = URI("https://git.io")
 
   GITHUB_BASE_PATH = ""
   GHE_BASE_PATH    = "/api/v3"
 
+  GITHUB_CLIENT_ID = '4f7ec0d4eab38e74384e'
+
   URL_ENV_NAME     = "GITHUB_URL"
+  CLIENT_ID_ENV_NAME = "GIST_CLIENT_ID"
 
   USER_AGENT       = "gist/#{VERSION} (Net::HTTP, #{RUBY_DESCRIPTION})"
 
@@ -44,7 +48,7 @@ module Gist
   module AuthTokenFile
     def self.filename
       if ENV.key?(URL_ENV_NAME)
-        File.expand_path "~/.gist.#{ENV[URL_ENV_NAME].gsub(/:/, '.').gsub(/[^a-z0-9.]/, '')}"
+        File.expand_path "~/.gist.#{ENV[URL_ENV_NAME].gsub(/:/, '.').gsub(/[^a-z0-9.-]/, '')}"
       else
         File.expand_path "~/.gist"
       end
@@ -99,7 +103,7 @@ module Gist
   # @option options [Boolean] :skip_empty (false) Skip gisting empty files.
   # @option options [Symbol] :output (:all) The type of return value you'd like:
   #   :html_url gives a String containing the url to the gist in a browser
-  #   :short_url gives a String contianing a  git.io url that redirects to html_url
+  #   :short_url gives a String containing a  git.io url that redirects to html_url
   #   :javascript gives a String containing a script tag suitable for embedding the gist
   #   :all gives a Hash containing the parsed json response from the server
   #
@@ -200,25 +204,18 @@ module Gist
     url = "#{base_path}"
 
     if user == ""
-      access_token = auth_token()
-      if access_token.to_s != ''
-        url << "/gists?per_page=100"
-        get_gist_pages(url, access_token)
-      else
-        raise Error, "Not authenticated. Use 'gist --login' to login or 'gist -l username' to view public gists."
-      end
-
+      url << "/gists?per_page=100"
     else
       url << "/users/#{user}/gists?per_page=100"
-      get_gist_pages(url)
     end
 
+    get_gist_pages(url, auth_token())
   end
 
-  def read_gist(id, file_name=nil)
+  def read_gist(id, file_name=nil, options={})
     url = "#{base_path}/gists/#{id}"
 
-    access_token = auth_token()
+    access_token = (options[:access_token] || auth_token())
 
     request = Net::HTTP::Get.new(url)
     request['Authorization'] = "token #{access_token}" if access_token.to_s != ''
@@ -235,7 +232,7 @@ module Gist
         file = files.values.first
       end
 
-      puts file["content"]
+      file["content"]
     else
       raise Error, "Gist with id of #{id} does not exist."
     end
@@ -336,15 +333,71 @@ module Gist
 
   # Log the user into gist.
   #
+  def login!(credentials={})
+    if (login_url == GITHUB_URL || ENV.key?(CLIENT_ID_ENV_NAME)) && credentials.empty? && !ENV.key?('GIST_USE_USERNAME_AND_PASSWORD')
+      device_flow_login!
+    else
+      access_token_login!(credentials)
+    end
+  end
+
+  def device_flow_login!
+    puts "Requesting login parameters..."
+    request = Net::HTTP::Post.new("/login/device/code")
+    request.body = JSON.dump({
+      :scope => 'gist',
+      :client_id => client_id,
+    })
+    request.content_type = 'application/json'
+    request['accept'] = "application/json"
+    response = http(login_url, request)
+
+    if response.code != '200'
+      raise Error, "HTTP #{response.code}: #{response.body}"
+    end
+
+    body = JSON.parse(response.body)
+
+    puts "Please sign in at #{body['verification_uri']}"
+    puts "  and enter code: #{body['user_code']}"
+    device_code = body['device_code']
+    interval = body['interval']
+
+    loop do
+      sleep(interval.to_i)
+      request = Net::HTTP::Post.new("/login/oauth/access_token")
+      request.body = JSON.dump({
+        :client_id => client_id,
+        :grant_type => 'urn:ietf:params:oauth:grant-type:device_code',
+        :device_code => device_code
+      })
+      request.content_type = 'application/json'
+      request['Accept'] = 'application/json'
+      response = http(login_url, request)
+      if response.code != '200'
+        raise Error, "HTTP #{response.code}: #{response.body}"
+      end
+      body = JSON.parse(response.body)
+      break unless body['error'] == 'authorization_pending'
+    end
+
+    if body['error']
+      raise Error, body['error_description']
+    end
+
+    AuthTokenFile.write JSON.parse(response.body)['access_token']
+
+    puts "Success! #{ENV[URL_ENV_NAME] || "https://github.com/"}settings/connections/applications/#{client_id}"
+  end
+
+  # Logs the user into gist.
+  #
   # This method asks the user for a username and password, and tries to obtain
   # and OAuth2 access token, which is then stored in ~/.gist
   #
   # @raise [Gist::Error]  if something went wrong
-  # @param [Hash] credentials  login details
-  # @option credentials [String] :username
-  # @option credentials [String] :password
   # @see http://developer.github.com/v3/oauth/
-  def login!(credentials={})
+  def access_token_login!(credentials={})
     puts "Obtaining OAuth2 access_token from GitHub."
     loop do
       print "GitHub username: "
@@ -401,13 +454,17 @@ module Gist
     env = ENV['http_proxy'] || ENV['HTTP_PROXY']
     connection = if env
                    proxy = URI(env)
-                   Net::HTTP::Proxy(proxy.host, proxy.port).new(uri.host, uri.port)
+                   if proxy.user
+                     Net::HTTP::Proxy(proxy.host, proxy.port, proxy.user, proxy.password).new(uri.host, uri.port)
+                   else
+                     Net::HTTP::Proxy(proxy.host, proxy.port).new(uri.host, uri.port)
+                   end
                  else
                    Net::HTTP.new(uri.host, uri.port)
                  end
     if uri.scheme == "https"
       connection.use_ssl = true
-      connection.verify_mode = OpenSSL::SSL::VERIFY_NONE
+      connection.verify_mode = OpenSSL::SSL::VERIFY_PEER
     end
     connection.open_timeout = 10
     connection.read_timeout = 10
@@ -555,11 +612,19 @@ Could not find copy command, tried:
     ENV.key?(URL_ENV_NAME) ? GHE_BASE_PATH : GITHUB_BASE_PATH
   end
 
+  def login_url
+    ENV.key?(URL_ENV_NAME) ? URI(ENV[URL_ENV_NAME]) : GITHUB_URL
+  end
+
   # Get the API URL
   def api_url
     ENV.key?(URL_ENV_NAME) ? URI(ENV[URL_ENV_NAME]) : GITHUB_API_URL
   end
 
+  def client_id
+    ENV.key?(CLIENT_ID_ENV_NAME) ? URI(ENV[CLIENT_ID_ENV_NAME]) : GITHUB_CLIENT_ID
+  end
+
   def legacy_private_gister?
     return unless which('git')
     `git config --global gist.private` =~ /\Ayes|1|true|on\z/i

data/spec/ghe_spec.rb

@@ -5,10 +5,10 @@ describe '...' do
   MOCK_USER         = 'foo'
   MOCK_PASSWORD     = 'bar'
 
-  MOCK_AUTHZ_GHE_URL    = "#{MOCK_GHE_PROTOCOL}://#{MOCK_USER}:#{MOCK_PASSWORD}@#{MOCK_GHE_HOST}/api/v3/"
+  MOCK_AUTHZ_GHE_URL    = "#{MOCK_GHE_PROTOCOL}://#{MOCK_GHE_HOST}/api/v3/"
   MOCK_GHE_URL          = "#{MOCK_GHE_PROTOCOL}://#{MOCK_GHE_HOST}/api/v3/"
-  MOCK_AUTHZ_GITHUB_URL = "https://#{MOCK_USER}:#{MOCK_PASSWORD}@api.github.com/"
   MOCK_GITHUB_URL       = "https://api.github.com/"
+  MOCK_LOGIN_URL        = "https://github.com/"
 
   before do
     @saved_env = ENV[Gist::URL_ENV_NAME]
@@ -20,8 +20,15 @@ describe '...' do
     # stub requests for /authorizations
     stub_request(:post, /#{MOCK_AUTHZ_GHE_URL}authorizations/).
       to_return(:status => 201, :body => '{"token": "asdf"}')
-    stub_request(:post, /#{MOCK_AUTHZ_GITHUB_URL}authorizations/).
+    stub_request(:post, /#{MOCK_GITHUB_URL}authorizations/).
+      with(headers: {'Authorization'=>'Basic Zm9vOmJhcg=='}).
       to_return(:status => 201, :body => '{"token": "asdf"}')
+
+    stub_request(:post, /#{MOCK_LOGIN_URL}login\/device\/code/).
+      to_return(:status => 200, :body => '{"interval": "0.1", "user_code":"XXXX-XXXX", "device_code": "xxxx", "verification_uri": "https://github.com/login/device"}')
+
+    stub_request(:post, /#{MOCK_LOGIN_URL}login\/oauth\/access_token/).
+      to_return(:status => 200, :body => '{"access_token":"zzzz"}')
   end
 
   after do
@@ -48,7 +55,7 @@ describe '...' do
 
       Gist.login!
 
-      assert_requested(:post, /#{MOCK_AUTHZ_GITHUB_URL}authorizations/)
+      assert_requested(:post, /#{MOCK_LOGIN_URL}login\/oauth\/access_token/)
     end
 
     it "should access to #{MOCK_GHE_HOST} when $#{Gist::URL_ENV_NAME} was set" do
@@ -65,7 +72,7 @@ describe '...' do
         $stdin = StringIO.new "#{MOCK_USER}_wrong\n#{MOCK_PASSWORD}_wrong\n"
         Gist.login! :username => MOCK_USER, :password => MOCK_PASSWORD
 
-        assert_requested(:post, /#{MOCK_AUTHZ_GITHUB_URL}authorizations/)
+        assert_requested(:post, /#{MOCK_GITHUB_URL}authorizations/)
       end
 
     end

data/vendor/json.rb

@@ -44,7 +44,7 @@ module JSON
           /(?=\*/)      # single slash before this comment's end
          )*
            \*/               # the End of this comment
-           |[ \t\r\n]+       # whitespaces: space, horicontal tab, lf, cr
+           |[ \t\r\n]+       # whitespaces: space, horizontal tab, lf, cr
         )+
       )mx
 
@@ -64,7 +64,7 @@ module JSON
       #   (keys) in a JSON object. Otherwise strings are returned, which is also
       #   the default.
       # * *create_additions*: If set to false, the Parser doesn't create
-      #   additions even if a matchin class and create_id was found. This option
+      #   additions even if a matching class and create_id was found. This option
       #   defaults to true.
       # * *object_class*: Defaults to Hash
       # * *array_class*: Defaults to Array
@@ -1265,7 +1265,7 @@ module ::Kernel
     nil
   end
 
-  # Ouputs _objs_ to STDOUT as JSON strings in a pretty format, with
+  # Outputs _objs_ to STDOUT as JSON strings in a pretty format, with
   # indentation and over many lines.
   def jj(*objs)
     objs.each do |obj|

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: gist
 version: !ruby/object:Gem::Version
-  version: 5.1.0
+  version: 6.1.0
 platform: ruby
 authors:
 - Conrad Irwin
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-02-07 00:00:00.000000000 Z
+date: 2026-06-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
@@ -76,15 +76,12 @@ executables:
 extensions: []
 extra_rdoc_files: []
 files:
-- ".gitignore"
 - ".rspec"
 - Gemfile
 - LICENSE.MIT
 - README.md
 - Rakefile
 - bin/gist
-- build/gist
-- build/gist.1
 - gist.gemspec
 - lib/gist.rb
 - spec/auth_token_file_spec.rb
@@ -115,7 +112,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
+rubygems_version: 3.0.3.1
 signing_key: 
 specification_version: 4
 summary: Just allows you to upload gists

data/.gitignore

@@ -1,8 +0,0 @@
-.rvmrc
-Gemfile.lock
-
-# OS X
-.DS_Store
-.yardoc
-doc
-*.gem