Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

"share -> create gist" never responds

See original GitHub issue

Vega-Editor 0.91.1

the gist integration is great, except when i hit the create button in share -> create gist, after logging in to github and filling in info for the file. it never responds. everything works fine if i manually create the gist from within github.

i think it would be nice to have the create option under the gist tab too, sometimes i forget to look under share

Issue Analytics

  • State:closed
  • Created 3 years ago
  • Comments:15 (6 by maintainers)

github_iconTop GitHub Comments

2reactions
ankohcommented, Feb 3, 2022

All you need the server for right now is to hide the client secret of your GitHub App by proxying it through a server. E.g. if your server just fires this on behalf of the user:

// Request token from GitHub
const data = new FormData();
data.append('client_id', YOUR_GH_CLIENT_ID);
data.append('client_secret', YOUR_GH_SECRET);
data.append('code', code);
const response = await fetch('https://github.com/login/oauth/access_token', {
    method: 'POST',
    body: data,
});

Your app secret stays hidden and you can return the access token to the user. Any further talking with the GitHub API (e.g. about gists) is then done directly between the Client and GitHub. You could also just throw this into a Cloudflare worker function tbh.

Ref: https://docs.github.com/en/developers/apps/building-oauth-apps/authorizing-oauth-apps#web-application-flow

0reactions
declanncommented, Feb 4, 2022

Hi,

The auth approach sounds like a great dev - thanks @ankoh, but not something I can look at atm - though this might suit me later in the year. A Cloudflare worker type approach sounds like a great idea.

Here is the limit I think we hit: 100kb default in express bodyParser: https://github.com/expressjs/body-parser#limit (I’ve had success with 90kb spec uploads, slightly less than 100kb and over no (there is non-spec boilerplate))

We should put for example {limit: ‘1mb’} in https://github.com/vega/editor-backend/blob/cb2813a0035990746136ec36ea04b98d7ea25034/src/app.ts#L83

Making people deal with a 100kb limit and calling it out in the UI is another good approach.

If you want me to PR and do basic test for backend limit to 1mb I can do that next week: it seems pretty trivial though.

Cheers Declan

On Thu, 3 Feb 2022 at 09:09, André Kohn @.***> wrote:

All you need the server for right now is to hide the client secret of your GitHub App by proxying it through a server. E.g. if your server just fires this:

        // Request token from GitHub
        const data = new FormData();
        data.append('client_id', YOUR_GH_CLIENT_ID);
        data.append('client_secret', YOUR_GH_SECRET);
        data.append('code', code);
        const response = await fetch('https://github.com/login/oauth/access_token', {
            method: 'POST',
            body: data,
        });

Your app secret stays hidden and you can return the access token to the user. Any further talking with the GitHub API is then done directly between the Client and GitHub. You could also just throw this into a Cloudflare worker function tbh.

— Reply to this email directly, view it on GitHub https://github.com/vega/editor/issues/843#issuecomment-1028763659, or unsubscribe https://github.com/notifications/unsubscribe-auth/AACWHPUXB3NK3NWNWAOF35TUZJA6HANCNFSM4TAI2K3Q . You are receiving this because you commented.Message ID: @.***>

– __

Séanadh Ríomhphoist/_

Email Disclaimer__ **

Tá an ríomhphost seo agus aon chomhad a sheoltar leis faoi rún agus is lena úsáid ag an seolaí agus sin amháin é. Is féidir tuilleadh a léamh anseo. https://www.dcu.ie/iss/seanadh-riomhphoist.shtml  https://www4.dcu.ie/iss/seanadh-riomhphoist.shtml* _

This e-mail and any files transmitted with it are confidential and are intended solely for use by the addressee. Read more here. https://www.dcu.ie/iss/email-disclaimer.shtml _ *_

Read more comments on GitHub >

github_iconTop Results From Across the Web

Organization gists · Discussion #7923 - GitHub
As an organisation we want to publish code snippets on public blogs and share them publicly, and we think Github Gists would be...
Read more >
Cannot push to GitHub: Gist does not support directories
The Gist UI handles this a bit weird: it seems to flatten out the directory structure, and display files across all directories.
Read more >
If You Have a Gastrointestinal Stromal Tumor (GIST)
If you or someone you know has just been diagnosed with a gastrointestinal stromal tumor (GIST), this short, simple guide can help.
Read more >
The GIST of Advances in Treatment of ... - ASCO Journals
If the tumor has not responded, then the tumor may be imatinib-insensitive because it contains a PDGFRA D842V mutation or lacks a KIT...
Read more >
GitHub Gist API with cURL and Ajax - TechSlides
I had seen the GitHub API before but never considered that it extends ... The response to this cURL request had a token...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Error thrown when using tooltips and dynamic data

Next page

Auto popout autocompletion descriptions