Skip to content

feat(copilot): adds github copilot login support #469

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 9 commits into
base: main
Choose a base branch
from
Open

feat(copilot): adds github copilot login support #469

wants to merge 9 commits into from

Conversation

nathabonfim59
Copy link
Contributor

As mentioned in #426, currently, we require an external program to generate the Github Copilot oAuthToken.
This PR adds all necessary structures to do this first login within mods.

How to test

  1. Backup and remove your oAuthToken (~/.config/github-copilot)
  2. Remove the cached token (~/.local/share/mods/temp/)
  3. Try to run a new generation using mods
  4. Following the instructions using the DeviceCode authentication flow (it will show in your terminal)

It will automatically ask for login and poll for the authToken every 5 seconds (defined by the API) and perform the generation afterwards

PR Summary

Authentication Refactor:

  • Added new constants for device code and token URLs and the client ID (copilot.go).
  • Introduced new data structures for handling device code and token responses (CopilotDeviceCodeResponse, CopilotDeviceTokenResponse, CopilotFailedRequestResponse, copilotGithubOAuthTokenWrapper, copilotOAuthToken) (copilot.go).

New Functions:

  • Added copilotLogin function to initiate device code authentication and fetch the OAuth token (copilot.go).
  • Added fetchCopilotRefreshToken function to poll for the OAuth token using the device code (copilot.go).
  • Added saveCopilotOAuthToken and copilotRegisterApp functions to save the OAuth token and register the app version (copilot.go).

Refactoring Existing Functions:

  • Modified getCopilotRefreshToken to use the new copilotLogin function for obtaining the OAuth token (copilot.go).
  • Updated getCopilotAccessToken to fetch the OAuth token instead of the refresh token (copilot.go).

@nathabonfim59
feat(copilot): add new auth flow with device code
4f4a58c
@nathabonfim59
fix(copilot): correct verification URI and interval parsing in device…
6d166d7 
… flow
@nathabonfim59
feat(copilot): implement device flow authentication
68d226c 
- Add full token exchange flow for GitHub Copilot auth
- Store OAuth tokens in config directory
- Register application in versions.json
- Fix API endpoint URLs and request formatting
@nathabonfim59
fix(copilot): remove unreachable code in OAuth token retrieval
29b7660
@nathabonfim59 nathabonfim59 requested a review from caarlos0 as a code owner April 1, 2025 16:21
nathabonfim59
nathabonfim59 commented May 28, 2025
View reviewed changes
internal/copilot/copilot.go

// Add/update our entry
// TODO: How can we import this? Create a `meta.go`?
//versions["mods"] = main.Version
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since it's no longer a single package, we can't access the Versions variable. What would be the best approach here?

Alternatively, we can ditch the "app registration" entirely. This will be only used by Microsoft to track how many users of a given application are using Copilot. But we're not sending this info in the request, so it could be removed without a big impact.

@caarlos0
Copy link
Member

caarlos0 commented Jun 3, 2025

I wonder if we could use https://github.com/cli/oauth for this - or parts of it?

@nathabonfim59
Copy link
Contributor Author

I wonder if we could use https://github.com/cli/oauth for this - or parts of it?

Thanks for the feedback! Using the github.com/cli/oauth library would certainly be more elegant than the current implementation.

I've done this "by hand" to avoid adding extra dependencies, but I can switch to using this library if you're comfortable with it.

I guess it would be useful for future MCP and other AI providers that also uses the same method as well.

@caarlos0
Copy link
Member

caarlos0 commented Jun 5, 2025

I've done this "by hand" to avoid adding extra dependencies, but I can switch to using this library if you're comfortable with it.

I think it's probably fine to use it, yes 🙏

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@caarlos0 caarlos0 Awaiting requested review from caarlos0 caarlos0 is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@nathabonfim59 @caarlos0