Skip to content

Merge CLI login/logout support into main#374

Merged
RasulOs merged 5 commits into
mainfrom
merge-373-to-main
Jun 22, 2026
Merged

Merge CLI login/logout support into main#374
RasulOs merged 5 commits into
mainfrom
merge-373-to-main

Conversation

@RasulOs

@RasulOs RasulOs commented Jun 22, 2026

Copy link
Copy Markdown
Collaborator

Brings PR #373 changes from feat/cloud-device-cli into main. Also includes validation fixes needed for the requested locked sync, ruff, pytest, compileall, and lock checks to pass.

sleynsol and others added 5 commits June 22, 2026 15:58
Port of the mobilerun-ios deviceauth flow (RFC 8628): request a device code,
open the browser to the verification URL, poll the better-auth token endpoint,
and persist the session token to credentials/mobilerun-cloud.json (chmod 600).
No API-key minting — the session token is used directly as the Bearer
credential, and resolve_cloud_api_key() now reads it.

Adds `mobilerun login` / `logout` / `whoami` and the deviceauth client module.
feat(cli): `mobilerun login` / `logout` / `whoami` (OAuth 2.0 device flow)
@RasulOs RasulOs merged commit 6dd76c9 into main Jun 22, 2026
5 of 7 checks passed
@mintlify

mintlify Bot commented Jun 22, 2026

Copy link
Copy Markdown

Docs PR opened: https://github.com/droidrun/mobilerun-docs/pull/23

Documented new CLI commands login, logout, and whoami, plus cloud device targeting flags for devices and device subcommands.

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 8a841c4000

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

"""Persist the session token to the credentials dir (chmod 600)."""
path = credential_path()
path.parent.mkdir(parents=True, exist_ok=True)
path.write_text(json.dumps({"access_token": token, "auth_url": auth_url}))

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Create the credential file with restrictive permissions

When this file is created on systems with a permissive umask, Path.write_text() writes the saved bearer token using the default create mode before line 148 tightens it, and a crash between these two calls can leave mobilerun-cloud.json group/world-readable. Create the file with mode 0600 before writing (or write to a securely-created temp file and atomically replace it) so the token is never exposed with broader permissions.

Useful? React with 👍 / 👎.

@RasulOs RasulOs deleted the merge-373-to-main branch June 25, 2026 09:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants