clone/gemini-cli
1
0
Fork 0
mirror of https://github.com/google-gemini/gemini-cli.git synced 2026-06-01 19:03:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Allow telemetry exporters to GCP to utilize user's login credentials, if requested (#13778)

Browse Source
This commit is contained in:
Marat Boshernitsan
2025-12-02 21:27:37 -08:00
committed by GitHub
parent 24a76f6354
commit 86c4a55012
26 changed files with 994 additions and 428 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
packages/core/src/code_assist/oauth2.ts
View File

@@ -15,6 +15,7 @@ import * as http from 'node:http';
import url from 'node:url';
import crypto from 'node:crypto';
import * as net from 'node:net';
import { EventEmitter } from 'node:events';
import open from 'open';
import path from 'node:path';
import { promises as fs } from 'node:fs';
@@ -45,6 +46,22 @@ import {
} from '../utils/terminal.js';
import { coreEvents, CoreEvent } from '../utils/events.js';
export const authEvents = new EventEmitter();
async function triggerPostAuthCallbacks(tokens: Credentials) {
// Construct a JWTInput object to pass to callbacks, as this is the
// type expected by the downstream Google Cloud client libraries.
const jwtInput: JWTInput = {
client_id: OAUTH_CLIENT_ID,
client_secret: OAUTH_CLIENT_SECRET,
refresh_token: tokens.refresh_token ?? undefined, // Ensure null is not passed
type: 'authorized_user',
};
// Execute all registered post-authentication callbacks.
authEvents.emit('post_auth', jwtInput);
}
const userAccountManager = new UserAccountManager();
// OAuth Client ID used to initiate OAuth2Client class.
@@ -139,6 +156,8 @@ async function initOauthClient(
} else {
await cacheCredentials(tokens);
}
await triggerPostAuthCallbacks(tokens);
});
if (credentials) {
@@ -162,6 +181,8 @@ async function initOauthClient(
}
}
debugLogger.log('Loaded cached credentials.');
await triggerPostAuthCallbacks(credentials as Credentials);
return client;
}
} catch (error) {
@@ -570,19 +591,6 @@ async function fetchCachedCredentials(): Promise<
return null;
}
async function cacheCredentials(credentials: Credentials) {
const filePath = Storage.getOAuthCredsPath();
await fs.mkdir(path.dirname(filePath), { recursive: true });
const credString = JSON.stringify(credentials, null, 2);
await fs.writeFile(filePath, credString, { mode: 0o600 });
try {
await fs.chmod(filePath, 0o600);
} catch {
/* empty */
}
}
export function clearOauthClientCache() {
oauthClientPromises.clear();
}
@@ -640,3 +648,16 @@ async function fetchAndCacheUserInfo(client: OAuth2Client): Promise<void> {
export function resetOauthClientForTesting() {
oauthClientPromises.clear();
}
async function cacheCredentials(credentials: Credentials) {
const filePath = Storage.getOAuthCredsPath();
await fs.mkdir(path.dirname(filePath), { recursive: true });
const credString = JSON.stringify(credentials, null, 2);
await fs.writeFile(filePath, credString, { mode: 0o600 });
try {
await fs.chmod(filePath, 0o600);
} catch {
/* empty */
}
}