Handle grant scope mismatches in login
Detect the Gitea different scope authorize failure as a dedicated auth error, show the revoke URL and client ID, and retry login once after manual grant revocation without forcing a second full authentication. Expand the requested scope set to include read:organization, add the revoke-grant helper path and setup auto-yes flag in the scaffold, document the recovery flow, and cover revoke prompting and retry behavior in forge_auth tests.
This commit is contained in:
FanaticPythoner (Nathan Trudeau)
4
Justfile
4
Justfile
@@ -71,6 +71,10 @@ logout:
|
||||
relogin:
|
||||
@bash scripts/forge_login.sh --force
|
||||
|
||||
# Open Gitea's "Authorized OAuth2 Applications" page to revoke a stale grant. Resolves the "different scope" failure mode (see docs/oauth-grant-scope-mismatch.md).
|
||||
revoke-grant:
|
||||
@bash scripts/revoke_grant.sh
|
||||
|
||||
# Force a token refresh (normally automatic inside the credential helper).
|
||||
refresh:
|
||||
@python3 scripts/forge_auth.py refresh --force
|
||||
|
||||
Reference in New Issue
Block a user