fix(login): use verifier to create oauth challenge (!1670) · Merge requests · GitLab.org / cli · GitLab

Jay McCure requested to merge jmc-oauth-debug into main Sep 10, 2024

Description

Fixes oauth authentication by using the code_verifier to generate the code_challenge (previously a new verifier was used to generate the code_challenge) https://docs.gitlab.com/ee/api/oauth2.html#authorization-code-with-proof-key-for-code-exchange-pkce
Prints an error if the OAuth request fails with a 400. Previously the user would be unaware why the request failed.

Related Issues

Resolves #7652 (closed)

How has this been tested?

glab auth login (web)

Screenshots (if appropriate):

Redacted URL since my browser isn't configured.

Before:

AFTER:

New error message:

Types of changes

Bug fix (non-breaking change which fixes an issue)
New feature (non-breaking change which adds functionality)
Breaking change (fix or feature that would cause existing functionality to change)
Documentation
Chore (Related to CI or Packaging to platforms)
Test gap

Edited Sep 10, 2024 by Jay McCure