GitHub Copilot OAuth provider - device flow authentication + token lifecycle.
Auth flow:
ghu_...)api.github.com/copilot_internal/v2/tokenToken detection priority (same as Copilot CLI):
~/.vis/github-copilot-auth.jsonCOPILOT_GITHUB_TOKEN env varGH_TOKEN env varGITHUB_TOKEN env varcopilot-cli service) - if security CLI availableWorks with both Individual and Business/Enterprise plans.
Enterprise users can pass :enterprise-domain for GHE.
GitHub Copilot OAuth provider - device flow authentication + token lifecycle. Auth flow: 1. Device flow -> user visits github.com/login/device, enters code 2. Poll until authorized -> receive OAuth token (`ghu_...`) 3. Exchange OAuth token for short-lived Copilot API token via `api.github.com/copilot_internal/v2/token` 4. Auto-refresh the API token before expiry Token detection priority (same as Copilot CLI): 1. Persisted OAuth token in `~/.vis/github-copilot-auth.json` 2. `COPILOT_GITHUB_TOKEN` env var 3. `GH_TOKEN` env var 4. `GITHUB_TOKEN` env var 5. macOS Keychain (`copilot-cli` service) - if `security` CLI available Works with both Individual and Business/Enterprise plans. Enterprise users can pass `:enterprise-domain` for GHE.
(authenticated?)True if we have a usable OAuth token from any source.
True if we have a usable OAuth token from any source.
(detect-oauth-token)Detect an existing OAuth token from all known sources. Returns {:oauth-token str :source keyword} or nil.
Detect an existing OAuth token from all known sources.
Returns {:oauth-token str :source keyword} or nil.(get-copilot-token!)(get-copilot-token! opts)Get a valid Copilot API token, refreshing if needed. Uses cached token if still valid, otherwise exchanges the OAuth token. Returns {:token str :api-url str :llm-headers map} or throws.
Opts: :enterprise-domain - for GHE (e.g. "github.mycompany.com")
Get a valid Copilot API token, refreshing if needed.
Uses cached token if still valid, otherwise exchanges the OAuth token.
Returns {:token str :api-url str :llm-headers map} or throws.
Opts:
:enterprise-domain - for GHE (e.g. "github.mycompany.com")(logout!)Clear all cached and persisted tokens.
Clear all cached and persisted tokens.
(poll-for-token! device-code interval)(poll-for-token! device-code interval expires-in)(poll-for-token! device-code
interval
expires-in
{:keys [enterprise-domain] :as opts})Poll GitHub for the OAuth access token after user has authorized. Blocks until authorized, denied, or expired. Returns {:oauth-token str} on success, throws on failure.
device-code - from start-device-flow!
interval - poll interval in seconds (from start-device-flow!)
expires-in - max wait in seconds
Poll GitHub for the OAuth access token after user has authorized.
Blocks until authorized, denied, or expired.
Returns {:oauth-token str} on success, throws on failure.
`device-code` - from start-device-flow!
`interval` - poll interval in seconds (from start-device-flow!)
`expires-in` - max wait in seconds(start-device-flow!)(start-device-flow! {:keys [enterprise-domain]})Start the GitHub OAuth device flow. Returns {:user-code :verification-uri :device-code :interval :expires-in}. The caller must display user-code and verification-uri to the user.
Start the GitHub OAuth device flow.
Returns {:user-code :verification-uri :device-code :interval :expires-in}.
The caller must display user-code and verification-uri to the user.(status)(status opts)Return a status map describing the current auth state. {:authenticated? bool :source keyword :oauth-token-preview str :account-type keyword :copilot-token-valid? bool :expires-in-ms long}
Return a status map describing the current auth state.
{:authenticated? bool :source keyword :oauth-token-preview str
:account-type keyword :copilot-token-valid? bool :expires-in-ms long}cljdoc builds & hosts documentation for Clojure/Script libraries
| Ctrl+k | Jump to recent docs |
| ← | Move to previous article |
| → | Move to next article |
| Ctrl+/ | Jump to the search field |