Enhance GitHub Token Configuration Modal

[xyfer17]

Linked Issue(s)

#643

Acceptance Criteria fulfillment

• Added support for selecting between classic and fine-grained GitHub tokens.
• Implemented validation logic for token format and type.
• Enhanced error handling and user feedback for token validation.
• Updated API calls to handle different token types and their required scopes.
• Improved UI with toggle buttons for token type selection and dynamic labels.

Proposed changes (including videos or screenshots)

Screen.Recording.2025-06-02.at.3.41.18.PM.mov

Screen.Recording.2025-06-10.at.12.40.06.AM.mov

Further comments

As per the issue #643, add GitHub fine grained tokens auth

Summary by CodeRabbit

Summary by CodeRabbit

• New Features

  • Added support for both classic and fine-grained GitHub tokens, including a toggle to select token type.
  • Token input, validation, and submission now adapt dynamically based on the selected token type, with tailored error messages and help links.
  • Permissions and required scopes are displayed and checked according to the chosen token type.
  • Introduced enhanced scope verification for fine-grained tokens with detailed permission checks.

• Bug Fixes

  • Improved focus behavior for the GitHub domain input field.

[coderabbitai]

Walkthrough

The changes introduce support for both "classic" and "fine-grained" GitHub tokens in the ConfigureGithubModalBody component and related authentication utilities. The UI now allows users to select the token type, with corresponding validation, scope checks, and dynamic help links. Utility functions and API calls were updated to handle both token types appropriately.

Changes

File(s)	Change Summary
web-server/src/content/Dashboards/ConfigureGithubModalBody.tsx	Enhanced to support "classic" and "fine-grained" GitHub tokens, adding token type state, toggle UI, validation, and conditional submission logic.
web-server/src/utils/auth.ts	Added token type detection, fine-grained scope checks, updated checkGitHubValidity to handle token types, and new utility functions for token handling.
web-server/src/constants/style.ts	Added ClassicStyles and FineGrainedStyles arrays defining CSS style objects for UI components.
web-server/src/types/resources.ts	Added GithubTokenType enum with CLASSIC and FINE_GRAINED members.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant ConfigureGithubModalBody
    participant AuthUtils

    User->>ConfigureGithubModalBody: Select token type (classic/fine-grained)
    User->>ConfigureGithubModalBody: Enter token and domain
    ConfigureGithubModalBody->>AuthUtils: getTokenType(token)
    ConfigureGithubModalBody->>AuthUtils: checkGitHubValidity(token, domain, tokenType)
    alt classic token
        ConfigureGithubModalBody->>AuthUtils: getMissingPATScopes(token, domain)
    else fine-grained token
        ConfigureGithubModalBody->>AuthUtils: getMissingFineGrainedScopes(token, domain)
    end
    ConfigureGithubModalBody->>User: Show validation result, errors, or proceed with linking

Loading

Poem

In the warren of code, a toggle appears,
Classic or fine-grained, now everyone cheers!
Tokens inspected, scopes checked with care,
New links and labels—no bugs to beware.
Two kinds of access, one modal so bright—
Hop along, GitHub, everything’s right! 🐇✨

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between eddc7a4 and 4e71010.

📒 Files selected for processing (1)

• web-server/src/content/Dashboards/ConfigureGithubModalBody.tsx (14 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• web-server/src/content/Dashboards/ConfigureGithubModalBody.tsx

⏰ Context from checks skipped due to timeout of 90000ms (1)

• GitHub Check: All file linting

✨ Finishing Touches

• 📝 Generate Docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 1

🔭 Outside diff range comments (1)

web-server/src/content/Dashboards/ConfigureGithubModalBody.tsx (1)

97-100: ⚠️ Potential issue

Missing tokenType parameter in checkGitHubValidity call.

The function call doesn't pass the tokenType parameter, causing it to always use the default 'classic' type. This will fail for fine-grained tokens.

Apply this fix:

       const isValid = await checkGitHubValidity(
         token.value,
-        customDomain.valueRef.current
+        customDomain.valueRef.current,
+        tokenType.value
       );

🧹 Nitpick comments (1)

web-server/src/content/Dashboards/ConfigureGithubModalBody.tsx (1)

287-375: Unused tokenType prop in TokenPermissions component.

The component receives tokenType but doesn't use it. Is this intentional or should the component display different permission requirements for each token type?

If different permissions should be shown for each token type, consider updating the component to display token-specific information. Otherwise, you can remove the unused prop to keep the code clean.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e0a0582 and 8fb099c.

📒 Files selected for processing (2)

• web-server/src/content/Dashboards/ConfigureGithubModalBody.tsx (13 hunks)
• web-server/src/utils/auth.ts (4 hunks)

🧰 Additional context used

🧬 Code Graph Analysis (2)

web-server/src/utils/auth.ts (2)

web-server/src/constants/urls.ts (1)

• DEFAULT_GH_URL (1-1)

web-server/http-server.js (1)

• axios (5-5)

web-server/src/content/Dashboards/ConfigureGithubModalBody.tsx (1)

web-server/src/utils/auth.ts (4)

• getTokenType (135-139)
• getMissingPATScopes (56-76)
• getMissingFineGrainedScopes (78-103)
• linkProvider (13-27)

⏰ Context from checks skipped due to timeout of 90000ms (1)

• GitHub Check: All file linting

🔇 Additional comments (6)

web-server/src/utils/auth.ts (3)

31-51: LGTM! Proper token type handling implemented.

The function correctly handles both classic and fine-grained tokens with appropriate authorization headers. The default parameter ensures backward compatibility.

---

54-54: Appropriate scope selection for fine-grained tokens.

The defined scopes provide necessary read-only access for repository operations.

---

135-139: Correct token type detection implementation.

The function properly identifies token types based on GitHub's standard prefixes.

web-server/src/content/Dashboards/ConfigureGithubModalBody.tsx (3)

1-35: Good setup for dual token type support.

The new state variables and imports are well-structured. Default token type of 'classic' ensures backward compatibility.

---

54-68: Excellent token validation logic.

The implementation provides clear user feedback when token format doesn't match the selected type, improving the user experience.

---

160-210: Well-designed UI for token type selection.

The toggle button group provides clear selection between token types. Dynamic labels and help links enhance the user experience. Resetting the token on type change prevents confusion.

[jayantbh]

The permissions image looks stretched

[coderabbitai]

Actionable comments posted: 1

🔭 Outside diff range comments (1)

web-server/src/content/Dashboards/ConfigureGithubModalBody.tsx (1)

330-331: RGB component out of range (256) – browsers clamp unpredictably

alpha('rgb(256,0,0)', 0.4) uses 256, which exceeds the 0-255 range and may be clamped differently across renderers. Use 255 instead.

- border: `2px solid ${alpha('rgb(256,0,0)', 0.4)}`,
+ border: `2px solid ${alpha('rgb(255,0,0)', 0.4)}`,

🧹 Nitpick comments (3)

web-server/src/constants/style.ts (1)

1-15: Define a shared Style type to prevent typo-prone string literals

Both ClassicStyles and FineGrainedStyles are arrays of the same shape, yet the object structure is implicit. Declaring a small reusable type (or ReadonlyArray) conveys intent, gives autocompletion, and fails compilation on invalid keys.

+export interface PermissionBoxStyle {
+  height: string; // e.g. '42px'
+  top: string;    // e.g. '230px'
+}

-export const ClassicStyles = [
+export const ClassicStyles: Readonly<PermissionBoxStyle[]> = [
   { height: '42px', top: '230px' },
   ...
 ];
 
-export const FineGrainedStyles = [
+export const FineGrainedStyles: Readonly<PermissionBoxStyle[]> = [
   ...
 ];

web-server/src/content/Dashboards/ConfigureGithubModalBody.tsx (2)

65-78: Return GithubTokenType from getTokenType for stronger type-safety

detectedType is compared against the enum but is currently typed as string ('classic' | 'fine-grained' | 'unknown'). Returning the enum itself avoids stringly-typed bugs and removes the need for implicit comparisons.

-const detectedType = getTokenType(e);           // returns string
+const detectedType = getTokenType(e) as GithubTokenType | 'unknown';

Even better, change the util signature:

export function getTokenType(token: string): GithubTokenType | 'unknown' { ... }

---

367-378: Asset / alt-text naming inconsistency

UI copy refers to "Fine Grained Tokens (FGT)" while the alt text uses FST_permissions.png.
Aligning nomenclature improves accessibility & maintainability.

-  : '/assets/FST_permissions.png'
+  : '/assets/FGT_permissions.png'

-  : 'FST_permissions'
+  : 'FGT_permissions'

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 82a21fa and eddc7a4.

⛔ Files ignored due to path filters (1)

• web-server/public/assets/FST_permissions.png is excluded by !**/*.png

📒 Files selected for processing (2)

• web-server/src/constants/style.ts (1 hunks)
• web-server/src/content/Dashboards/ConfigureGithubModalBody.tsx (14 hunks)

⏰ Context from checks skipped due to timeout of 90000ms (1)

• GitHub Check: All file linting

🔇 Additional comments (1)

web-server/src/content/Dashboards/ConfigureGithubModalBody.tsx (1)

306-310: Consider also disabling “Confirm” when domain input is invalid

disabled={!isTokenValid.value} blocks submission on token problems, but still allows a click when showDomainError is populated.
Either include that state in the predicate or rely solely on validation inside handleSubmission(); mixing both might confuse users.

-disabled={!isTokenValid.value}
+disabled={!isTokenValid.value || !!showDomainError.value}

[xyfer17]

@jayantbh have fixed add new permission image with all required scope

Screen.Recording.2025-06-17.at.12.16.12.AM.mov

[jayantbh]

I don't think it needs the Read and WRITE permissions. Isn't just read enough?