Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
microsoft
GitHub Repository: microsoft/vscode
 Path: blob/main/build/lib/policies/exportPolicyData.ts
13383 views
1
/*---------------------------------------------------------------------------------------------

2
 *  Copyright (c) Microsoft Corporation. All rights reserved.

3
 *  Licensed under the MIT License. See License.txt in the project root for license information.

4
 *--------------------------------------------------------------------------------------------*/

5


6
import { execSync, execFileSync } from 'child_process';

7
import { resolve } from 'path';

8


9
const rootPath = resolve(import.meta.dirname, '..', '..', '..');

10


11
// VS Code OAuth app client ID (same as the GitHub Authentication extension)

12
const CLIENT_ID = '01ab8ac9400c4e429b23';

13


14
/**

15
 * Acquires a GitHub token via the OAuth device flow.

16
 * Opens the browser for the user to authorize, then polls for the token.

17
 */

18
async function acquireTokenViaDeviceFlow(): Promise<string> {

19
	const response1 = await (await fetch('https://github.com/login/device/code', {

20
		method: 'POST',

21
		body: JSON.stringify({ client_id: CLIENT_ID, scope: 'repo' }),

22
		headers: { 'Accept': 'application/json', 'Content-Type': 'application/json' },

23
	})).json() as { user_code: string; device_code: string; verification_uri: string; expires_in: number; interval: number };

24


25
	console.log(`\n  Copy this code: ${response1.user_code}`);

26
	console.log(`  Then open: ${response1.verification_uri}`);

27
	console.log(`  Waiting for authorization (up to ${response1.expires_in}s)...\n`);

28


29
	let expiresIn = response1.expires_in;

30
	while (expiresIn > 0) {

31
		await new Promise(resolve => setTimeout(resolve, 1000 * response1.interval));

32
		expiresIn -= response1.interval;

33


34
		const response2 = await (await fetch('https://github.com/login/oauth/access_token', {

35
			method: 'POST',

36
			body: JSON.stringify({

37
				client_id: CLIENT_ID,

38
				device_code: response1.device_code,

39
				grant_type: 'urn:ietf:params:oauth:grant-type:device_code',

40
			}),

41
			headers: { 'Accept': 'application/json', 'Content-Type': 'application/json' },

42
		})).json() as { access_token?: string };

43


44
		if (response2.access_token) {

45
			return response2.access_token;

46
		}

47
	}

48


49
	throw new Error('Timed out waiting for GitHub authorization');

50
}

51


52
// Ensure sources are transpiled

53
console.log('Transpiling client sources...');

54
execSync('npm run transpile-client', { cwd: rootPath, stdio: 'inherit' });

55


56
// Set up GITHUB_TOKEN if not already set

57
if (!process.env['GITHUB_TOKEN'] && !process.env['DISTRO_PRODUCT_JSON']) {

58
	// Try gh CLI first (fast, non-interactive)

59
	let token: string | undefined;

60
	try {

61
		token = execFileSync('gh', ['auth', 'token'], { encoding: 'utf8' }).trim();

62
		console.log('Set GITHUB_TOKEN from gh CLI.');

63
	} catch {

64
		// Fall back to OAuth device flow (interactive)

65
		console.log('gh CLI not available, starting GitHub OAuth device flow...');

66
		token = await acquireTokenViaDeviceFlow();

67
		console.log('GitHub authorization successful.');

68
	}

69


70
	process.env['GITHUB_TOKEN'] = token;

71
}

72


73
// Run the export

74
console.log('Exporting policy data...');

75
const codeScript = process.platform === 'win32'

76
	? resolve(rootPath, 'scripts', 'code.bat')

77
	: resolve(rootPath, 'scripts', 'code.sh');

78


79
execSync(`"${codeScript}" --export-policy-data`, {

80
	cwd: rootPath,

81
	stdio: 'inherit',

82
	env: process.env,

83
});

84


85
console.log('\nPolicy data exported to build/lib/policies/policyData.jsonc');

86


87