The flows are crucial to the extension and I wanted to be able to declare which can be used when in a declarative way. This reworks the flows into that model.
Additionally, it pulls in the Client ID and secret from a config which will allow us to not rely on the vscode.dev proxy on Desktop (because we can make a distro change that includes the secret... which isn't a real secret, says GitHub)... unfortunately we still need to rely on it for Web due to CORS but we're in a position where it will be easy to rip the proxy out when GH supports it.
We don't need to fetch the user details when the Auth Session already has the info we need. This PR removes that extraneous web request.
I've also changed the `User-Agent` that we pass to be more specific so we can narrow down any future issues with spamming web requests.
Fixes#173645
* Organize Errors in GitHub Auth and make sure no double prompting happens
This mostly just moves some strings into variables... but this also fixes the GH Auth side of https://github.com/microsoft/vscode/issues/180697 so you should only be asked once if you want to try a different way to log in.
* add comments
* Improve GHES flow
It's clear to me now that a lot of users of the GHES flow have auth behind a VPN. Something that we cannot support in the OAuth flow because we require making a request to vscode.dev who makes a request to the GHES instance.
In light of this, we will remove the OAuth flow for GHES. Fear not, though... because both the Device Code Flow and the PAT flow are there and the PAT flow has been improved in 1.75... so in conclusion, I think GHES is handled as best we can with this PR.
Additionally, there is some "Hosted GitHub Enterprise" scenarios popping up, and this future proofs that by allowing "Hosted GitHub Enterprise" experiences to go through the OAuth flow because we know for a fact that they will be accessible from vscode.dev.
Fixes#169619
Fixes https://github.com/microsoft/vscode-internalbacklog/issues/3398
* Use api. sub domain and update telemetry logic
This improves the PAT auth flow by showing a modal to open github.com with the scopes already pre-filled.
This should allow for less room for error during the PAT auth.
Additionally, this allows PAT auth flow to be used as a fallback for GH Enterprise flows.
1. Namespace secrets based on the value of github-enterprise.uri to support "multiple separate GHES instances"
2. If the setting value disappears, continue using last set value. Fixes https://github.com/microsoft/vscode-pull-request-github/issues/3992
3. Mark github-enterprise.uri as requires trust
3. Refactoring like:
* UriHandler is handled in extension.ts and passed down everywhere since we can only have 1 instance of it
* misc style (`private` usage, better `disposable` handling)
Web will come in the next PR (hence the TODO)
Also this includes the smallest translation change which will be the ultimate test that this is all working.
* Add proper error message on getUserInfo
* improved error message on getUserInfo
either display the response message or the http status text
Co-authored-by: Sven Grossmann <mail@grossmann.dev>
