Describe the bug
Running gh auth status reports account as active, but API calls use another account.
> gh --version
gh version 2.63.0 (1980-01-01)
https://github.com/cli/cli/releases/tag/v2.63.0
Steps to reproduce the behavior
- You have two users on same hostname
github.com, last active account is user1.
- Switch to another folder with custom
GH_CONFIG_DIR (via direnv), with a custom config which has one user user2
- Run
gh auth status
> gh auth status
github.com
✓ Logged in to github.com account user2 (keyring)
- Active account: true
- Git operations protocol: ssh
- Token: gho_************************************
- Token scopes: 'gist', 'read:org', 'repo', 'workflow'
- Run
gh api /user | jq .name => prints user1, contradicting auth status output
The expected behavior is to use the token for the given host+user of current repository without needing to gh auth switch, and report active account correctly.
Context
Active token is fetched from keyring using only hostname
|
// ActiveToken will retrieve the active auth token for the given hostname, |
|
// searching environment variables, plain text config, and |
|
// lastly encrypted storage. |
|
func (c *AuthConfig) ActiveToken(hostname string) (string, string) { |
|
if c.tokenOverride != nil { |
|
return c.tokenOverride(hostname) |
|
} |
|
token, source := ghauth.TokenFromEnvOrConfig(hostname) |
|
if token == "" { |
|
var err error |
|
token, err = c.TokenFromKeyring(hostname) |
|
if err == nil { |
|
source = "keyring" |
|
} |
|
} |
|
return token, source |
|
} |
Related to #9111 (comment))
Describe the bug
Running
gh auth statusreports account as active, but API calls use another account.> gh --version gh version 2.63.0 (1980-01-01) https://github.com/cli/cli/releases/tag/v2.63.0Steps to reproduce the behavior
github.com, last active account isuser1.GH_CONFIG_DIR(via direnv), with a custom config which has one useruser2gh auth statusgh api /user | jq .name=> printsuser1, contradictingauth statusoutputThe expected behavior is to use the token for the given
host+userof current repository without needing togh auth switch, and report active account correctly.Context
Active token is fetched from keyring using only hostname
cli/internal/config/config.go
Lines 202 to 218 in 5402e20
Related to #9111 (comment))