Enhance GitHub Token Configuration Modal

[xyfer17]

Linked Issue(s)

https://github.com/middlewarehq/middleware/issues/643

Acceptance Criteria fulfillment

• [x] Added support for selecting between classic and fine-grained GitHub tokens.
• [x] Implemented validation logic for token format and type.
• [x] Enhanced error handling and user feedback for token validation.
• [x] Updated API calls to handle different token types and their required scopes.
• [x] Improved UI with toggle buttons for token type selection and dynamic labels.

Proposed changes (including videos or screenshots)

https://github.com/user-attachments/assets/b5339370-d318-4bb4-9ab0-2cf69d9af7d6

https://github.com/user-attachments/assets/20ef6f81-0d29-48d0-add0-c68c79aae36e

Further comments

As per the issue https://github.com/middlewarehq/middleware/issues/643, add GitHub fine grained tokens auth

Summary by CodeRabbit

Summary by CodeRabbit

• New Features

  • Added support for both classic and fine-grained GitHub tokens, including a toggle to select token type.
  • Token input, validation, and submission now adapt dynamically based on the selected token type, with tailored error messages and help links.
  • Permissions and required scopes are displayed and checked according to the chosen token type.
  • Introduced enhanced scope verification for fine-grained tokens with detailed permission checks.

• Bug Fixes

  • Improved focus behavior for the GitHub domain input field.

[coderabbitai[bot]]

[!IMPORTANT]

Review skipped

Review was skipped due to path filters

:no_entry: Files ignored due to path filters (1)

• web-server/public/assets/FST_permissions.png is excluded by !**/*.png

CodeRabbit blocks several paths by default. You can override this behavior by explicitly including those paths in the path filters. For example, including **/dist/** will override the default block on the dist directory, by removing the pattern from both the lists.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Walkthrough

The changes introduce support for both "classic" and "fine-grained" GitHub tokens in the ConfigureGithubModalBody component and related authentication utilities. The UI now allows users to select the token type, with corresponding validation, scope checks, and dynamic help links. Utility functions and API calls were updated to handle both token types appropriately.

Changes

File(s)	Change Summary
web-server/src/content/Dashboards/ConfigureGithubModalBody.tsx	Enhanced to support "classic" and "fine-grained" GitHub tokens, adding token type state, toggle UI, validation, and conditional submission logic.
web-server/src/utils/auth.ts	Added token type detection, fine-grained scope checks, updated checkGitHubValidity to handle token types, and new utility functions for token handling.
web-server/src/constants/style.ts	Added ClassicStyles and FineGrainedStyles arrays defining CSS style objects for UI components.
web-server/src/types/resources.ts	Added GithubTokenType enum with CLASSIC and FINE_GRAINED members.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant ConfigureGithubModalBody
    participant AuthUtils

    User->>ConfigureGithubModalBody: Select token type (classic/fine-grained)
    User->>ConfigureGithubModalBody: Enter token and domain
    ConfigureGithubModalBody->>AuthUtils: getTokenType(token)
    ConfigureGithubModalBody->>AuthUtils: checkGitHubValidity(token, domain, tokenType)
    alt classic token
        ConfigureGithubModalBody->>AuthUtils: getMissingPATScopes(token, domain)
    else fine-grained token
        ConfigureGithubModalBody->>AuthUtils: getMissingFineGrainedScopes(token, domain)
    end
    ConfigureGithubModalBody->>User: Show validation result, errors, or proceed with linking

Poem

In the warren of code, a toggle appears,
Classic or fine-grained, now everyone cheers!
Tokens inspected, scopes checked with care,
New links and labels—no bugs to beware.
Two kinds of access, one modal so bright—
Hop along, GitHub, everything’s right! 🐇✨

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[jayantbh]

The permissions image looks stretched

[xyfer17]

@jayantbh have fixed add new permission image with all required scope

https://github.com/user-attachments/assets/e4f999cb-b447-40b1-81b7-41cebbd61bd3

[jayantbh]

I don't think it needs the Read and WRITE permissions. Isn't just read enough?

[xyfer17]

I don't think it needs the Read and WRITE permissions. Isn't just read enough?

@jayantbh i have updated the image with read only access