Use GHE auth provider if GHEC-DR URI is set

2024-04-24 13:43:09 +02:00
parent 871fc0b817
commit 9a14896a4e
4 changed files with 17 additions and 6 deletions
--- a/extensions/ql-vscode/src/common/authentication.ts
+++ b/extensions/ql-vscode/src/common/authentication.ts
@@ -31,4 +31,9 @@ export interface Credentials {
   * @returns An OAuth access token, or undefined.
   */
  getExistingAccessToken(): Promise<string | undefined>;
+
+  /**
+   * Returns the ID of the authentication provider to use.
+   */
+  authProviderId: string;
 }
--- a/extensions/ql-vscode/src/common/vscode/authentication.ts
+++ b/extensions/ql-vscode/src/common/vscode/authentication.ts
@@ -2,8 +2,7 @@ import { authentication } from "vscode";
 import type { Octokit } from "@octokit/rest";
 import type { Credentials } from "../authentication";
 import { AppOctokit } from "../octokit";
-
-export const GITHUB_AUTH_PROVIDER_ID = "github";
+import { hasGhecDrUri } from "../../config";

 // We need 'repo' scope for triggering workflows, 'gist' scope for exporting results to Gist,
 // and 'read:packages' for reading private CodeQL packages.
@@ -39,7 +38,7 @@ export class VSCodeCredentials implements Credentials {

  async getAccessToken(): Promise<string> {
    const session = await authentication.getSession(
-      GITHUB_AUTH_PROVIDER_ID,
+      this.authProviderId,
      SCOPES,
      { createIfNone: true },
    );
@@ -49,11 +48,18 @@ export class VSCodeCredentials implements Credentials {

  async getExistingAccessToken(): Promise<string | undefined> {
    const session = await authentication.getSession(
-      GITHUB_AUTH_PROVIDER_ID,
+      this.authProviderId,
      SCOPES,
      { createIfNone: false },
    );

    return session?.accessToken;
  }
+
+  public get authProviderId(): string {
+    if (hasGhecDrUri()) {
+      return "github-enterprise";
+    }
+    return "github";
+  }
 }
--- a/extensions/ql-vscode/src/variant-analysis/variant-analysis-manager.ts
+++ b/extensions/ql-vscode/src/variant-analysis/variant-analysis-manager.ts
@@ -78,7 +78,6 @@ import {
  REPO_STATES_FILENAME,
  writeRepoStates,
 } from "./repo-states-store";
-import { GITHUB_AUTH_PROVIDER_ID } from "../common/vscode/authentication";
 import { FetchError } from "node-fetch";
 import {
  showAndLogExceptionWithTelemetry,
@@ -750,7 +749,7 @@ export class VariantAnalysisManager
  private async onDidChangeSessions(
    event: AuthenticationSessionsChangeEvent,
  ): Promise<void> {
-    if (event.provider.id !== GITHUB_AUTH_PROVIDER_ID) {
+    if (event.provider.id !== this.app.credentials.authProviderId) {
      return;
    }

--- a/extensions/ql-vscode/test/factories/authentication.ts
+++ b/extensions/ql-vscode/test/factories/authentication.ts
@@ -15,6 +15,7 @@ function makeTestOctokit(octokit: Octokit): Credentials {
        "getExistingAccessToken not supported by test credentials",
      );
    },
+    authProviderId: "github",
  };
 }