Skip to content

feat: Implement OAuth flows + DefaultTokenManager (#9) #13

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
beengud merged 1 commit into from
Dec 6, 2025
Merged

feat: Implement OAuth flows + DefaultTokenManager (#9) #13

beengud merged 1 commit into from
Dec 6, 2025

Conversation

@beengud
Copy link
Contributor

@beengud beengud commented Dec 6, 2025

Summary

  • Introduced oauth module with PKCE and device-code flows
  • Added ProviderRegistry with GitHub, Spotify, Google configs
  • Implemented DefaultTokenManager with token refresh logic

Changes

  • sigilforge-core/src/oauth/ - PKCE and device code implementations
  • sigilforge-core/src/provider.rs - Provider registry
  • sigilforge-core/src/token_manager.rs - DefaultTokenManager
  • sigilforge-core/tests/token_refresh.rs - 11 integration tests

Test plan

  • ensure_access_token refreshes when expired
  • Clean error handling when refresh fails
  • TokenSet persists via SecretStore
  • All tests pass with --features oauth

Closes #9

🤖 Generated with Claude Code

@claude
feat: add KeyringStore and secure secret backend selection (#8)
217ecdb 
This commit implements GitHub Issue #8, adding OS keyring-backed secret
storage with graceful fallback to MemoryStore when the keyring is unavailable.

Changes:
- Refactored store.rs into modular structure (store/mod.rs, store/memory.rs)
- Implemented KeyringStore behind keyring-store feature flag
- Added create_store() helper that selects backend based on feature availability
- KeyringStore uses platform native keyrings (macOS Keychain, Linux Secret Service, Windows Credential Manager)
- Graceful fallback to MemoryStore with clear warning logs when keyring unavailable
- Added comprehensive tests including platform-aware keyring tests
- Tests handle headless environments where keyring daemon may not be running

Implementation Details:
- KeyringStore implements SecretStore trait for OS keyring operations
- create_store() attempts KeyringStore first if prefer_keyring=true
- Falls back to MemoryStore if keyring backend unavailable
- Includes appropriate logging at info/warn/debug levels
- list_keys() operation not supported by keyring backend (limitation of platform APIs)

Testing:
- All 31 tests pass including keyring-specific tests
- Tests gracefully skip or adapt when keyring daemon unavailable
- Documented platform requirements and limitations

Fixes #8

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <[email protected]>
@beengud beengud merged commit 1a6e8c2 into main Dec 6, 2025
22 of 24 checks passed
@beengud beengud deleted the feat/issue-9-oauth-flows branch December 6, 2025 21:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Implement OAuth flows + DefaultTokenManager for initial providers

2 participants

@beengud