Warn about missing OAuth scopes when reporting HTTP 4xx errors

If a 4xx server response lists scopes in the X-Accepted-Oauth-Scopes header that are not present in the X-Oauth-Scopes header, the final error messaging on stderr will now include a hint for the user that they might need to request the additional scope: $ gh codespace list error getting codespaces: HTTP 403: Must have admin rights to Repository. (https://api.github.com/user/codespaces?per_page=30) This API operation needs the "codespace" scope. To request it, run: gh auth refresh -h github.com -s codespace
2021-10-13 23:24:14 +02:00 · 2021-10-13 23:24:14 +02:00 · 2ca18e0600
commit 2ca18e0600
parent 9f1a1d8805
7 changed files with 165 additions and 58 deletions
--- a/cmd/gh/main.go
+++ b/cmd/gh/main.go
@ -226,6 +226,8 @@ func mainRun() exitCode {
 			fmt.Fprintln(stderr, "Try authenticating with:  gh auth login")
 		} else if strings.Contains(err.Error(), "Resource protected by organization SAML enforcement") {
 			fmt.Fprintln(stderr, "Try re-authenticating with:  gh auth refresh")
+		} else if msg := httpErr.ScopesSuggestion(); msg != "" {
+			fmt.Fprintln(stderr, msg)
 		}

 		return exitError