block
CLI: github copilot device auth process fails
Describe the bug
I just discovered goose and was attempting to use it in CLI mode with provider Github Copilot (I've it via llm tool and patched litellm before). The device auth method immediately fails (I can bypass that path using GITHUB_TOKEN).
To Reproduce Steps to reproduce the behavior:
- Remove any existing github copilot auth config
- Run
goose configure - Select "Github Copilot" provider
Expected behavior The device auth process should trigger and print a URL and device code.
Screenshots
$ rm /home/USER/.config/goose/githubcopilot/info.json
$ goose configure
This will update your existing config file
if you prefer, you can edit it directly at /home/USER/.config/goose/config.yaml
┌ goose-configure
│
◇ What would you like to configure?
│ Configure Providers
│
◇ Which model provider should we use?
│ Github Copilot
│
◇ Model fetch complete
│
◇ Enter a model from that provider:
│ gpt-4.1
│
◇ Execution error: failed to get api info after 3 attempts
│
└ Failed to configure provider: init chat completion request with tool did not succeed.
Please provide following information:
- OS & Arch: [e.g. Ubuntu 22.04.3 LTS x86]
- Interface: CLI
- Version: v1.0.24
- Extensions enabled: None (first time using it)
- Provider & Model: Github Copilot. Tried both
gpt-4oandgpt-4.1)
Additional context
It works if I set GITHUB_TOKEN to a valid user token but this bypasses the device auth flow.
Cc @rockwotj as the auth of the provider code.
@kanaka can you check your logs for what this log line is: https://github.com/block/goose/blob/1d557161d0b3d9cd391820f2c4a5e29d231badb6/crates/goose/src/providers/githubcopilot.rs#L218
@rockwotj I don't see a log from the "goose configure" process when it fails. However, I noticed a new (maybe related) problem when I use the GITHUB_TOKEN workaround. After using it for a while, I get an auth error:
( O)> [A CODE CHANGE REQUEST]
◐ Validating variables... 2025-06-05T02:09:59.694638Z WARN goose::providers::githubcopilot: failed to refresh api info: Failed to access keyring: Platform secure storage failure: DBus error: The name org.freedesktop.secrets was not provided by any .service files
at crates/goose/src/providers/githubcopilot.rs:174
2025-06-05T02:09:59.695021Z WARN goose::providers::githubcopilot: failed to refresh api info: Failed to access keyring: Platform secure storage failure: DBus error: The name org.freedesktop.secrets was not provided by any .service files
at crates/goose/src/providers/githubcopilot.rs:174
2025-06-05T02:09:59.695351Z WARN goose::providers::githubcopilot: failed to refresh api info: Failed to access keyring: Platform secure storage failure: DBus error: The name org.freedesktop.secrets was not provided by any .service files
at crates/goose/src/providers/githubcopilot.rs:174
2025-06-05T02:09:59.695635Z ERROR goose::agents::agent: Error: Execution error: failed to get api info after 3 attempts
at crates/goose/src/agents/agent.rs:527
Ran into this error: Execution error: failed to get api info after 3 attempts.
Please retry if you think this is a transient or recoverable error.
And here is what that failure looks like in the log:
{"timestamp":"2025-06-05T02:09:59.688283Z","level":"DEBUG","fields":{"user_message":"[A CODE CHANGE REQUEST]"},"target":"goose::agents::agent","span":{"name":"reply"},"spans":[{"name":"reply"}]}
{"timestamp":"2025-06-05T02:09:59.694595Z","level":"WARN","fields":{"message":"failed to refresh api info: Failed to access keyring: Platform secure storage failure: DBus error: The name org.freedesktop.secrets was not provided by any .service files"},"target":"goose::providers::githubcopilot","span":{"name":"complete"},"spans":[{"name":"complete"}]}
{"timestamp":"2025-06-05T02:09:59.695009Z","level":"WARN","fields":{"message":"failed to refresh api info: Failed to access keyring: Platform secure storage failure: DBus error: The name org.freedesktop.secrets was not provided by any .service files"},"target":"goose::providers::githubcopilot","span":{"name":"complete"},"spans":[{"name":"complete"}]}
{"timestamp":"2025-06-05T02:09:59.695331Z","level":"WARN","fields":{"message":"failed to refresh api info: Failed to access keyring: Platform secure storage failure: DBus error: The name org.freedesktop.secrets was not provided by any .service files"},"target":"goose::providers::githubcopilot","span":{"name":"complete"},"spans":[{"name":"complete"}]}
{"timestamp":"2025-06-05T02:09:59.695620Z","level":"ERROR","fields":{"message":"Error: Execution error: failed to get api info after 3 attempts"},"target":"goose::agents::agent"}
{"timestamp":"2025-06-05T02:19:47.985300Z","level":"DEBUG","fields":{"message":"Stdout handler completed: ()"},"target":"mcp_client::transport::stdio"}
Using GOOSE_DISABLE_KEYRING=1 did seem to work around both issues (the device auth flow and the eventual refresh error).
Could the lack of a keyring be auto-detected?
I am facing the same issue in Windows. And adding that environment variable didn't help either.
