auth: add per-owner account mapping to fix multi-account token selection #13130
Closed
galamdring wants to merge 1 commit into
When multiple GitHub accounts are configured for the same host, gh always uses the globally active account's token regardless of which org or user owns the current repo. This causes commands to silently authenticate as the wrong user. This change adds an owner-to-user mapping stored in hosts.yml, and automatically selects the correct token based on the repo owner resolved from git remotes at HTTP client construction time. A new command 'gh auth set-user --owner <owner> <username>' manages the mappings. Fixes cli#12885
Thanks for your pull request! Unfortunately, it doesn't meet the minimum requirements for review:
Please update your PR to address the above. Requirements:
This PR will be automatically closed in 7 days if these requirements are not met.
Author
@BagToad This is a real pain point with this tool, there have been many issues opened about it, and it would be greatly appreciated if you would reconsider closing this PR. Everything is in place to handle multiple accounts properly, and the only thing that needed to be added was a way to connect the appropriate user to orgs, and it avoids the global switch every time the user switches contexts.
This was referenced Apr 10, 2026
Summary
Fixes #12885.
The root cause identified in #12885 is that token retrieval doesn't use the account name as a filter —
TokenFromKeyring looks up by service only (gh:github.com), so macOS Keychain returns an arbitrary entry when multiple accounts share the same host. TokenFromKeyringForUser already does the right thing, but isn't always called with the right user.
Rather than fixing the lookup in isolation, this PR approaches the problem from the usage side: automatically select the correct authenticated user based on who owns the current repo, so the right token is retrieved without any manual switching.
What this adds
gh auth set-user --owner <owner> <username> — stores an owner→user mapping in hosts.yml:
Automatic token selection — when running any gh command inside a repo, the owner is resolved from the git remote and used to look up the mapped user before falling back to the globally active user. This happens in httpClientFunc in the factory, covering every API call with no per-command changes.
Design notes
tokenGetter or AddAuthTokenHeader
owners key is new and ignored by older gh versions (unrecognized keys are not an error in the config library)
internal/config/config.go, internal/gh/gh.go, pkg/cmd/factory/default.go, new pkg/cmd/auth/setuser/ package, one line in pkg/cmd/auth/auth.go
Testing
New table-driven tests cover UserForOwner/SetOwnerUser round-trip, ActiveToken owner mapping (keyring and insecure storage), fallback when no mapping exists, and gh auth set-user flag parsing and run logic.
All existing tests pass.
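The selection rule the description outlines (resolve the owner from the git remote, use its mapped user, otherwise fall back to the active user), written out in Go as an added example; this is not code from the PR or from the gh project. The hostAuth type, remoteHostOwner, selectUser and the sample accounts are hypothetical, and the case-insensitive owner match and the refusal to pick a user for an unconfigured host are assumptions of this example.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// hostAuth is a hypothetical in-memory view of one host's auth entry; the
// field names are assumptions, not the layout the PR writes to hosts.yml.
type hostAuth struct {
	ActiveUser string
	Owners     map[string]string // owner login (lower-cased) -> username
}

// remoteHostOwner extracts host and repo owner from a URL-style remote or the
// scp-like form git@host:owner/repo.git.
func remoteHostOwner(remote string) (host, owner string, err error) {
	var path string
	if u, perr := url.Parse(remote); perr == nil && u.Host != "" {
		host, path = u.Hostname(), u.Path
	} else if at, colon := strings.Index(remote, "@"), strings.Index(remote, ":"); colon > at {
		host, path = remote[at+1:colon], remote[colon+1:]
	}
	parts := strings.Split(strings.Trim(path, "/"), "/")
	if host == "" || len(parts) != 2 || parts[0] == "" || parts[1] == "" {
		return "", "", fmt.Errorf("not an owner/repo remote: %q", remote)
	}
	return strings.ToLower(host), parts[0], nil
}

// selectUser picks the account for a remote: the user mapped to the repo owner
// on that same host, else that host's active user. It returns "" for an
// unparsable remote or unconfigured host, so accounts never cross hosts.
func selectUser(hosts map[string]hostAuth, remote string) string {
	host, owner, err := remoteHostOwner(remote)
	h, ok := hosts[host]
	if err != nil || !ok {
		return ""
	}
	if user, mapped := h.Owners[strings.ToLower(owner)]; mapped {
		return user
	}
	return h.ActiveUser
}

func main() { // constructed sample configuration and remote, not from the PR
	hosts := map[string]hostAuth{"github.com": {ActiveUser: "personal-user", Owners: map[string]string{"acme-corp": "work-user"}}}
	fmt.Println(selectUser(hosts, "git@github.com:Acme-Corp/tools.git"))
}
```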