Live Folders: support GitHub Enterprise instances#13044
Live Folders: support GitHub Enterprise instances#13044gcsecsey wants to merge 5 commits intozen-browser:devfrom
Conversation
Allow each GitHub live folder to target a configurable GitHub instance instead of hardcoding github.com. Users are prompted for the instance URL when creating a folder, and can change it later via the context menu "Instance" option. - Add `host` to GitHub provider state (defaults to github.com) - Derive fetch URL and login redirect from the configured host - Add `promptForHost()` static method (follows RSS pattern) - Add "Instance: hostname" option in Live Folder context menu - Broaden auth error detection (any non-2xx + empty results) - Add localization strings for instance prompt and validation - Update tests for custom host support Related to zen-browser#12768
- Add GithubAuth.sys.mjs: secure PAT storage via Firefox Login Manager (tokens stored with unique httpRealm, never in JSON state file) - Add REST API fetch path: when a PAT is available, use GitHub's /search/issues API instead of HTML scraping (more reliable for GHE) - Add headers support to base fetch() method via channel.setRequestHeader - Add "Set/Remove Access Token" context menu options - Open PAT creation page with pre-selected scopes when configuring GHE - Skip host prompt for first GitHub folder (defaults to github.com) - Handle token expiry: clear stored token on 401/403, prompt for new one - Add comprehensive tests for custom host, auth detection, and state defaults
- Triangle click always opens PAT creation page (no prompt window) - GHE instances without PAT skip HTML scraping, show auth error directly - Empty API results no longer treated as auth failure (valid empty search) - Register GithubAuth.sys.mjs in moz.build - Remove debug logging
Security: - Exclude _hasToken from serialize() to prevent state file leakage - Only allow HTTPS for GitHub host URLs (reject HTTP) - Clean up stored PAT when folder is deleted (if no other folder shares host) Performance: - Parallelize API queries with Promise.all (saves 400-1000ms per cycle) Correctness: - Use || instead of ?? for host default (prevents empty string breaking URL) - Fix broken GHE tests (GHE early-returns before fetch, so test fetch assertions) - Remove dead hasToken() method from GithubTokenManager
gcsecsey
changed the title
dosubot
bot
added
size:XL
- Extract `get #isGitHubEnterprise` getter (replaces 3 inline checks) - Extract `get #hasAnyFilterEnabled` getter (eliminates duplication between fetchItems and fetchItemsViaApi) - Use Promise.allSettled for API queries (preserves partial results when one query fails instead of losing all results) - Sync _hasToken on 401/403 token removal
|
Not too sure about this, it certainly seems to add quite the level of complexity from the user's side... |
What makes you think that? Is it the concept or the usage? I think if this feature is greenlit, we could have settings on a Live Folder when right-clicking it, where we could set a token or URL. Or is it the customization of Live Folders that feels too advanced? |
|
@mr-cheffy thanks for the feedback. Yes, I was experimenting with using only cookie-based auth to make the UX just as simple as for github.com, but GHE instances are typically behind SSO/SAML, so the cookie-based approach is not reliable. This requires us to manage the entry and storage of the PAT in some way, I'm not sure if the current approach is the best UX. This is how the current flow looks like:
2. Clicking the error triangle opens the GHE's "Create new token" page with pre-selected scopes
3. User then right-clicks the folder → "Set Access Token…" to paste the token
4. Once the PAT is set, the user can remove it by right-clicking the folder → "Remove Access Token" then set a new one
Could you advise how we can make this flow easier to use? |
Yes, I feel like part of the magic behind live folders is that everything feels seeming-less... Give me some time to think about this, maybe there's a nicer solution |
| } | ||
|
|
||
| if (!hasAnyFilterEnabled) { | ||
| // GHE instances require a PAT — HTML scraping won't work without cookies |
There was a problem hiding this comment.
We are sending cookies though?
There was a problem hiding this comment.
Not at the moment, I started working on this by testing my own use-case (SAML). However, GHE support these 4 auth methods, and for instances using the built in auth, the same flow should work that already works with github.com.
I'll update the PR to try to use cookies first, and only fall back to requiring a PAT if that approach fails. Unfortunately, AFAIK there's no way to detect the auth method from the client side.
3 participants
Related issues
Fixes #12768
Proposed Changes
The GitHub Live Folder provider currently hardcodes
https://github.comas its only source, preventing users with GitHub Enterprise (GHE) instances from using the feature.This PR adds full GitHub Enterprise support with two authentication strategies:
1. Configurable GitHub host per folder
github.com)2. Personal Access Token (PAT) authentication for GHE
/search/issues)reposcope3. Security hardening
_hasTokenruntime flag excluded from state file serializationPromise.allfor better performance4. Broader auth error detection
Files changed
providers/GithubAuth.sys.mjsproviders/GithubLiveFolder.sys.mjsZenLiveFolder.sys.mjsheadersparameter to basefetch()methodZenLiveFoldersManager.sys.mjsmoz.buildGithubAuth.sys.mjsmodulezen-live-folders.ftlbrowser_github_live_folder.jsTesting Instructions
https://github.corp.com). The PAT creation page should open on your GHE instance.about:logins).npm run test live-folders