lex-github 0.3.1 → 0.3.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: eebe64eb1c8b63779a68d69cea578a978c3051d54cb7e446c53778d0d9af27c0
-  data.tar.gz: d7b0a6c2f444212f4e36ec4cb96394db42a64beaaf8a8597094e079f75f62454
+  metadata.gz: 375eae72829e4b18ecd5162a92eecb0a93f22552e51bdedee79866d46d720fdd
+  data.tar.gz: 543b65111d082eec0abfa3a2e1c9d44e7e248d5ded04a6664f26f1f5d1025b00
 SHA512:
-  metadata.gz: 8a9f9e5af627a04456364243839cb8984eefaa5576a5dfcee75284fb40c5fbac6fb12f69334c1f8b36f00b1538e57a484f057255d506f1a3a249de94c10d4d7d
-  data.tar.gz: 95d3863eb968f7f26d415e0d56bfff81e3e57a911183abd95f5734ba0a45dfc6201fa8bf92227d030752be4f225590e824ae9e15148cf5adcbdbdb0275b7b5a7
+  metadata.gz: 7d3f74a3a0bd859ca3c8a35afca74a6c45afb7d057f2aff06fa2f6842b77a94ca5afaa840c08d323a1172f1385d3db6f9f34fb5b886a6deae5cfe98f5b45f139
+  data.tar.gz: 4c19e0bbae310e0987bbda49565a525c5cb6bf90abb4a91c81134834d4a53f671160e4767b6ec20862a68f8d680ddf4083be635e079752d7e217a5f5b353db34

data/CHANGELOG.md

@@ -2,6 +2,20 @@
 
 ## [Unreleased]
 
+## [0.3.3] - 2026-03-31
+
+### Fixed
+- CLI runner output: `status` and `login` commands now print JSON results to stdout
+- CLI runner errors print to stderr via `warn`
+
+## [0.3.2] - 2026-03-31
+
+### Added
+- CLI command registration: `legionio lex exec github auth status|login` and `legionio lex exec github app setup|complete_setup`
+- `CLI::AuthRunner` and `CLI::AppRunner` wrapper classes for `lex exec` dispatch
+- Self-registering CLI manifest at `~/.legionio/cache/cli/lex-github.json` (written on first require)
+- Require redirect `lib/lex/github.rb` for `lex exec` compatibility
+
 ## [0.3.1] - 2026-03-30
 
 ### Changed

data/lib/legion/extensions/github/cli/auth.rb

@@ -15,9 +15,9 @@ module Legion
             csec = client_secret || settings_client_secret
             sc = scopes || settings_scopes
 
-            unless cid && csec
+            unless cid
               return { error:       'missing_config',
-                       description: 'Set github.oauth.client_id or github.app.client_id and github.app.client_secret in settings or pass as arguments' }
+                       description: 'Set github.oauth.client_id or github.app.client_id in settings' }
             end
 
             browser = Helpers::BrowserAuth.new(client_id: cid, client_secret: csec, scopes: sc)

data/lib/legion/extensions/github/cli/runner.rb

@@ -0,0 +1,104 @@
+# frozen_string_literal: true
+
+require 'json'
+require 'net/http'
+require 'uri'
+require 'rbconfig'
+
+module Legion
+  module Extensions
+    module Github
+      module CLI
+        DAEMON_URL = ENV.fetch('LEGION_API_URL', 'http://127.0.0.1:4567')
+
+        module DaemonApi
+          private
+
+          def api_post(path, body = {})
+            uri = URI("#{DAEMON_URL}#{path}")
+            http = Net::HTTP.new(uri.host, uri.port)
+            http.open_timeout = 5
+            http.read_timeout = 30
+            request = Net::HTTP::Post.new(uri.path, 'Content-Type' => 'application/json')
+            request.body = ::JSON.generate(body)
+            parse_response(http.request(request))
+          rescue Errno::ECONNREFUSED, Errno::ECONNRESET => _e
+            { error: 'daemon_unavailable', description: "Legion daemon not running at #{DAEMON_URL}. Start it with: legionio start" }
+          end
+
+          def api_get(path)
+            uri = URI("#{DAEMON_URL}#{path}")
+            parse_response(Net::HTTP.get_response(uri))
+          rescue Errno::ECONNREFUSED, Errno::ECONNRESET => _e
+            { error: 'daemon_unavailable', description: "Legion daemon not running at #{DAEMON_URL}. Start it with: legionio start" }
+          end
+
+          def parse_response(response)
+            ::JSON.parse(response.body, symbolize_names: true)
+          rescue ::JSON::ParserError => _e
+            { error: "http_#{response.code}", description: response.body&.strip }
+          end
+
+          def print_json(result)
+            if result.is_a?(Hash) && result[:error]
+              warn "Error: #{result[:error]}"
+              warn "  #{result[:description]}" if result[:description]
+            else
+              puts ::JSON.pretty_generate(result)
+            end
+          end
+
+          def open_browser(url)
+            cmd = case RbConfig::CONFIG['host_os']
+                  when /darwin/      then 'open'
+                  when /linux/       then 'xdg-open'
+                  when /mswin|mingw/ then 'start'
+                  end
+            system(cmd, url) if cmd
+          end
+        end
+
+        class AuthRunner
+          include DaemonApi
+
+          def status
+            print_json(api_post('/api/extensions/github/runners/auth/status'))
+          end
+
+          def login
+            print_json(api_post('/api/extensions/github/runners/auth/login'))
+          end
+        end
+
+        class AppRunner
+          include DaemonApi
+
+          def setup
+            result = api_post('/api/extensions/github/cli/app/setup')
+
+            if result[:error]
+              print_json(result)
+              return
+            end
+
+            url = result.dig(:data, :manifest_url)
+            if url
+              warn 'Opening browser to create GitHub App...'
+              open_browser(url)
+              warn 'Waiting for callback...'
+              poll = api_post('/api/extensions/github/cli/app/await_callback',
+                              { timeout: 300 })
+              print_json(poll)
+            else
+              print_json(result)
+            end
+          end
+
+          def complete_setup
+            print_json(api_post('/api/extensions/github/cli/app/complete_setup'))
+          end
+        end
+      end
+    end
+  end
+end

data/lib/legion/extensions/github/helpers/browser_auth.rb

@@ -14,7 +14,7 @@ module Legion
 
           attr_reader :client_id, :client_secret, :scopes
 
-          def initialize(client_id:, client_secret:, scopes: DEFAULT_SCOPES, auth: nil, **)
+          def initialize(client_id:, client_secret: nil, scopes: DEFAULT_SCOPES, auth: nil, **)
             @client_id = client_id
             @client_secret = client_secret
             @scopes = scopes

data/lib/legion/extensions/github/oauth/runners/auth.rb

@@ -33,21 +33,19 @@ module Legion
               { result: "https://github.com/login/oauth/authorize?#{params}" }
             end
 
-            def exchange_code(client_id:, client_secret:, code:, redirect_uri:, code_verifier:, **)
-              response = oauth_connection.post('/login/oauth/access_token', {
-                                                 client_id: client_id, client_secret: client_secret,
-                                                code: code, redirect_uri: redirect_uri,
-                                                code_verifier: code_verifier
-                                               })
+            def exchange_code(client_id:, code:, redirect_uri:, code_verifier:, client_secret: nil, **)
+              body = { client_id: client_id, code: code,
+                       redirect_uri: redirect_uri, code_verifier: code_verifier }
+              body[:client_secret] = client_secret if client_secret
+              response = oauth_connection.post('/login/oauth/access_token', body)
               { result: response.body }
             end
 
-            def refresh_token(client_id:, client_secret:, refresh_token:, **)
-              response = oauth_connection.post('/login/oauth/access_token', {
-                                                 client_id: client_id, client_secret: client_secret,
-                                                refresh_token: refresh_token,
-                                                grant_type: 'refresh_token'
-                                               })
+            def refresh_token(client_id:, refresh_token:, client_secret: nil, **)
+              body = { client_id: client_id, refresh_token: refresh_token,
+                       grant_type: 'refresh_token' }
+              body[:client_secret] = client_secret if client_secret
+              response = oauth_connection.post('/login/oauth/access_token', body)
               { result: response.body }
             end
 

data/lib/legion/extensions/github/runners/auth.rb

@@ -0,0 +1,126 @@
+# frozen_string_literal: true
+
+require 'legion/extensions/github/helpers/client'
+require 'legion/extensions/github/helpers/browser_auth'
+require 'legion/extensions/github/app/runners/auth'
+require 'legion/extensions/github/app/runners/credential_store'
+require 'legion/extensions/github/oauth/runners/auth'
+
+module Legion
+  module Extensions
+    module Github
+      module Runners
+        module Auth
+          include Legion::Extensions::Github::Helpers::Client
+          include Legion::Extensions::Github::App::Runners::Auth
+          include Legion::Extensions::Github::App::Runners::CredentialStore
+          include Legion::Extensions::Github::OAuth::Runners::Auth
+
+          def self.remote_invocable?
+            false
+          end
+
+          def status(**)
+            cred = resolve_credential
+            unless cred
+              log.warn('[lex-github] auth status: no credential found across all sources')
+              return { result: { authenticated: false } }
+            end
+
+            log.info("[lex-github] auth status: credential found via #{cred[:auth_type]}")
+
+            user_info = {}
+            scopes = nil
+            begin
+              response = connection(token: cred[:token]).get('/user')
+              user_info = response.body || {}
+              headers = response.respond_to?(:headers) ? response.headers : {}
+              scopes_header = headers['X-OAuth-Scopes'] || headers['x-oauth-scopes']
+              scopes = scopes_header&.split(',')&.map(&:strip)
+              log.info("[lex-github] auth status: authenticated as #{user_info['login']} (#{cred[:auth_type]})")
+            rescue StandardError => e
+              log.warn("[lex-github] auth status: credential found but /user request failed: #{e.message}")
+            end
+
+            { result: { authenticated: true, auth_type: cred[:auth_type],
+                        user: user_info['login'], scopes: scopes } }
+          end
+
+          def login(client_id: nil, scopes: nil, **)
+            cid = client_id || settings_client_id
+            unless cid
+              log.error('[lex-github] auth login: no client_id configured — set github.app.client_id in settings')
+              return { error: 'missing_config', description: 'Set github.app.client_id in settings' }
+            end
+
+            log.info("[lex-github] auth login: starting OAuth flow with client_id=#{cid[0..7]}...")
+
+            sc = scopes || settings_scopes
+            browser = Helpers::BrowserAuth.new(client_id: cid, scopes: sc)
+            result = browser.authenticate
+
+            if result[:error]
+              log.error("[lex-github] auth login failed: #{result[:error]} — #{result[:description]}")
+              return { result: nil, error: result[:error], description: result[:description] }
+            end
+
+            if result[:result]&.dig('access_token')
+              user = begin
+                current_user(token: result[:result]['access_token'])
+              rescue StandardError => e
+                log.warn("[lex-github] auth login: token obtained but /user lookup failed: #{e.message}")
+                'default'
+              end
+
+              log.info("[lex-github] auth login: authenticated as #{user}")
+
+              if respond_to?(:store_oauth_token, true)
+                store_oauth_token(
+                  user:          user,
+                  access_token:  result[:result]['access_token'],
+                  refresh_token: result[:result]['refresh_token'],
+                  expires_in:    result[:result]['expires_in']
+                )
+                log.info("[lex-github] auth login: token stored for user=#{user}")
+              else
+                log.warn('[lex-github] auth login: store_oauth_token not available — token not persisted')
+              end
+            else
+              log.warn('[lex-github] auth login: OAuth completed but no access_token in response')
+            end
+
+            result
+          end
+
+          def installations(**)
+            log.info('[lex-github] listing app installations')
+            list_installations(**)
+          end
+
+          private
+
+          def current_user(token:)
+            connection(token: token).get('/user').body['login']
+          end
+
+          def settings_client_id
+            defined?(Legion::Settings) &&
+              (Legion::Settings.dig(:github, :oauth, :client_id) ||
+               Legion::Settings.dig(:github, :app, :client_id))
+          rescue StandardError => _e
+            nil
+          end
+
+          def settings_scopes
+            defined?(Legion::Settings) && Legion::Settings.dig(:github, :oauth, :scopes)
+          rescue StandardError => _e
+            nil
+          end
+
+          include Legion::Extensions::Helpers::Lex if Legion::Extensions.const_defined?(:Helpers, false) &&
+                                                      Legion::Extensions::Helpers.const_defined?(:Lex, false)
+        end
+      end
+    end
+  end
+end

data/lib/legion/extensions/github/version.rb

@@ -3,7 +3,7 @@
 module Legion
   module Extensions
     module Github
-      VERSION = '0.3.1'
+      VERSION = '0.3.3'
     end
   end
 end

data/lib/legion/extensions/github.rb

@@ -35,13 +35,51 @@ require 'legion/extensions/github/runners/actions'
 require 'legion/extensions/github/runners/checks'
 require 'legion/extensions/github/runners/releases'
 require 'legion/extensions/github/runners/deployments'
+require 'legion/extensions/github/runners/auth'
 require 'legion/extensions/github/runners/repository_webhooks'
 require 'legion/extensions/github/client'
+require 'legion/extensions/github/cli/runner'
 
 module Legion
   module Extensions
     module Github
       extend Legion::Extensions::Core if Legion::Extensions.const_defined? :Core, false
+
+      CLI_COMMANDS = {
+        'auth' => {
+          class_name: 'Legion::Extensions::Github::CLI::AuthRunner',
+          methods:    {
+            'login'  => { desc: 'Authenticate with GitHub via OAuth browser flow', args: '' },
+            'status' => { desc: 'Show current GitHub authentication status', args: '' }
+          }
+        },
+        'app'  => {
+          class_name: 'Legion::Extensions::Github::CLI::AppRunner',
+          methods:    {
+            'setup'          => { desc: 'Create a new GitHub App via manifest flow', args: '' },
+            'complete_setup' => { desc: 'Complete GitHub App setup with authorization code', args: '' }
+          }
+        }
+      }.freeze
+
+      begin
+        manifest_dir = ::File.expand_path('~/.legionio/cache/cli')
+        manifest_path = ::File.join(manifest_dir, 'lex-github.json')
+        unless ::File.exist?(manifest_path) && ::File.read(manifest_path).include?(VERSION)
+          require 'fileutils'
+          ::FileUtils.mkdir_p(manifest_dir)
+          serialized = CLI_COMMANDS.transform_values do |cmd|
+            { 'class'   => cmd[:class_name],
+              'methods' => cmd[:methods].transform_values { |m| { 'desc' => m[:desc], 'args' => m[:args] } } }
+          end
+          ::File.write(manifest_path, ::JSON.pretty_generate(
+                                        'gem' => 'lex-github', 'version' => VERSION,
+                                        'alias' => 'github', 'commands' => serialized
+                                      ))
+        end
+      rescue StandardError => e
+        warn "[lex-github] CLI manifest write skipped: #{e.message}" if ENV['LEGION_DEBUG']
+      end
     end
   end
 end

data/lib/lex/github.rb

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+
+# Redirect for `require 'lex/github'` (used by `legionio lex exec`)
+require 'legion/extensions/github'

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: lex-github
 version: !ruby/object:Gem::Version
-  version: 0.3.1
+  version: 0.3.3
 platform: ruby
 authors:
 - Esity
@@ -185,6 +185,7 @@ files:
 - lib/legion/extensions/github/app/transport/queues/webhooks.rb
 - lib/legion/extensions/github/cli/app.rb
 - lib/legion/extensions/github/cli/auth.rb
+- lib/legion/extensions/github/cli/runner.rb
 - lib/legion/extensions/github/client.rb
 - lib/legion/extensions/github/errors.rb
 - lib/legion/extensions/github/helpers/browser_auth.rb
@@ -202,6 +203,7 @@ files:
 - lib/legion/extensions/github/oauth/transport/exchanges/oauth.rb
 - lib/legion/extensions/github/oauth/transport/queues/auth.rb
 - lib/legion/extensions/github/runners/actions.rb
+- lib/legion/extensions/github/runners/auth.rb
 - lib/legion/extensions/github/runners/branches.rb
 - lib/legion/extensions/github/runners/checks.rb
 - lib/legion/extensions/github/runners/comments.rb
@@ -219,6 +221,7 @@ files:
 - lib/legion/extensions/github/runners/search.rb
 - lib/legion/extensions/github/runners/users.rb
 - lib/legion/extensions/github/version.rb
+- lib/lex/github.rb
 homepage: https://github.com/LegionIO/lex-github
 licenses:
 - MIT