Merge pull request #58 from alex-feel/alex-feel-dev

alex-feel · web-flow · commit 05aaf34df2cd · 2025-09-05T14:08:38.000+03:00
Convert GitLab web URLs to API format for authentication
diff --git a/README.md b/README.md
@@ -36,8 +36,14 @@ iex (irm 'https://raw.githubusercontent.com/alex-feel/claude-code-toolbox/main/s
 
 ##### Option 5: Using private repository configurations
 ```powershell
-# For private GitLab repositories
-$env:CLAUDE_ENV_CONFIG='https://gitlab.company.com/path/to/config.yaml'
+# For private GitLab repositories (supports both web and API URLs)
+# Web URL format (automatically converted to API format):
+$env:CLAUDE_ENV_CONFIG='https://gitlab.company.com/namespace/project/-/raw/main/path/to/config.yaml'
+$env:GITLAB_TOKEN='glpat-YOUR-TOKEN-HERE'
+iex (irm 'https://raw.githubusercontent.com/alex-feel/claude-code-toolbox/main/scripts/windows/setup-environment.ps1')
+
+# API URL format (if you prefer to use it directly):
+$env:CLAUDE_ENV_CONFIG='https://gitlab.company.com/api/v4/projects/namespace%2Fproject/repository/files/path%2Fto%2Fconfig.yaml/raw?ref=main'
 $env:GITLAB_TOKEN='glpat-YOUR-TOKEN-HERE'
 iex (irm 'https://raw.githubusercontent.com/alex-feel/claude-code-toolbox/main/scripts/windows/setup-environment.ps1')
 
@@ -47,7 +53,7 @@ $env:GITHUB_TOKEN='ghp_YOUR-TOKEN-HERE'
 iex (irm 'https://raw.githubusercontent.com/alex-feel/claude-code-toolbox/main/scripts/windows/setup-environment.ps1')
 
 # One-liner with escaping (use -NoExit to see any errors)
-powershell -NoProfile -NoExit -ExecutionPolicy Bypass -Command "`$env:CLAUDE_ENV_CONFIG='https://gitlab.company.com/path/to/config.yaml'; `$env:GITLAB_TOKEN='glpat-YOUR-TOKEN'; iex (irm 'https://raw.githubusercontent.com/alex-feel/claude-code-toolbox/main/scripts/windows/setup-environment.ps1')"
+powershell -NoProfile -NoExit -ExecutionPolicy Bypass -Command "`$env:CLAUDE_ENV_CONFIG='https://gitlab.company.com/namespace/project/-/raw/main/config.yaml'; `$env:GITLAB_TOKEN='glpat-YOUR-TOKEN'; iex (irm 'https://raw.githubusercontent.com/alex-feel/claude-code-toolbox/main/scripts/windows/setup-environment.ps1')"
 ```
 
 #### macOS
@@ -58,8 +64,8 @@ CLAUDE_ENV_CONFIG=python curl -fsSL https://raw.githubusercontent.com/alex-feel/
 # Local config file
 CLAUDE_ENV_CONFIG=./my-env.yaml curl -fsSL https://raw.githubusercontent.com/alex-feel/claude-code-toolbox/main/scripts/macos/setup-environment.sh | bash
 
-# Private GitLab repository
-CLAUDE_ENV_CONFIG='https://gitlab.company.com/path/to/config.yaml' \
+# Private GitLab repository (web URL - auto-converted)
+CLAUDE_ENV_CONFIG='https://gitlab.company.com/namespace/project/-/raw/main/config.yaml' \
 GITLAB_TOKEN='glpat-YOUR-TOKEN' \
 curl -fsSL https://raw.githubusercontent.com/alex-feel/claude-code-toolbox/main/scripts/macos/setup-environment.sh | bash
 
@@ -77,8 +83,8 @@ CLAUDE_ENV_CONFIG=python curl -fsSL https://raw.githubusercontent.com/alex-feel/
 # Local config file
 CLAUDE_ENV_CONFIG=./my-env.yaml curl -fsSL https://raw.githubusercontent.com/alex-feel/claude-code-toolbox/main/scripts/linux/setup-environment.sh | bash
 
-# Private GitLab repository
-CLAUDE_ENV_CONFIG='https://gitlab.company.com/path/to/config.yaml' \
+# Private GitLab repository (web URL - auto-converted)
+CLAUDE_ENV_CONFIG='https://gitlab.company.com/namespace/project/-/raw/main/config.yaml' \
 GITLAB_TOKEN='glpat-YOUR-TOKEN' \
 curl -fsSL https://raw.githubusercontent.com/alex-feel/claude-code-toolbox/main/scripts/linux/setup-environment.sh | bash
 
@@ -146,9 +152,12 @@ For configurations stored in private repositories, you need to provide authentic
 
 - **Use `-NoExit` flag on Windows**: When running from PowerShell shortcuts or Run dialog, add `-NoExit` to see any authentication errors
 - **Check token permissions**: Ensure your token has read access to the repository and all referenced resources
-- **URL format matters**: Use the raw file URL, not the web interface URL
-  - GitLab: `https://gitlab.com/api/v4/projects/{id}/repository/files/{path}/raw`
-  - GitHub: `https://raw.githubusercontent.com/{org}/{repo}/{branch}/{path}`
+- **GitLab URLs**: Both web and API formats are supported
+  - Web format (auto-converted): `https://gitlab.com/namespace/project/-/raw/branch/path/to/file`
+  - API format: `https://gitlab.com/api/v4/projects/namespace%2Fproject/repository/files/path%2Fto%2Ffile/raw?ref=branch`
+  - The setup script automatically converts web URLs to API format for authentication
+- **GitHub URLs**: Use raw content URL
+  - Format: `https://raw.githubusercontent.com/{org}/{repo}/{branch}/{path}`
 
 ---
 
diff --git a/scripts/setup_environment.py b/scripts/setup_environment.py
@@ -162,6 +162,96 @@ def detect_repo_type(url: str) -> str | None:
     return None
 
 
+def convert_gitlab_url_to_api(url: str) -> str:
+    """Convert GitLab web UI URL to API URL for authentication.
+
+    GitLab web UI URLs don't accept API tokens via headers.
+    We need to use the API endpoint for private repo access.
+
+    Converts:
+    - From: https://gitlab.com/namespace/project/-/raw/branch/path/to/file
+    - To: https://gitlab.com/api/v4/projects/namespace%2Fproject/repository/files/path%2Fto%2Ffile/raw?ref=branch
+
+    Args:
+        url: GitLab web UI raw URL
+
+    Returns:
+        GitLab API URL that accepts PRIVATE-TOKEN header
+    """
+    # Check if it's already an API URL
+    if '/api/v4/projects/' in url:
+        return url
+
+    # Check if it's a GitLab web UI raw URL
+    if '/-/raw/' not in url:
+        return url  # Not a GitLab raw URL, return as-is
+
+    # Parse the URL to extract components
+    # Format: https://gitlab.com/namespace/project/-/raw/branch/path/to/file?query
+    try:
+        # Split off query parameters first
+        base_url, _, query = url.partition('?')
+
+        # Extract the domain and path
+        if base_url.startswith('https://'):
+            domain_end = base_url.index('/', 8)  # Find end of domain after https://
+            domain = base_url[:domain_end]
+            path = base_url[domain_end + 1:]  # Skip the /
+        elif base_url.startswith('http://'):
+            domain_end = base_url.index('/', 7)  # Find end of domain after http://
+            domain = base_url[:domain_end]
+            path = base_url[domain_end + 1:]  # Skip the /
+        else:
+            return url  # Unknown format
+
+        # Split the path by /-/raw/
+        parts = path.split('/-/raw/')
+        if len(parts) != 2:
+            return url  # Unexpected format
+
+        project_path = parts[0]  # e.g., "ai/claude-code-configs"
+        remainder = parts[1]     # e.g., "main/environments/examples/file.yaml"
+
+        # Split remainder into branch and file path
+        # The branch is the first part before /
+        branch_end = remainder.find('/')
+        if branch_end == -1:
+            # No file path, just branch
+            branch = remainder
+            file_path = ''
+        else:
+            branch = remainder[:branch_end]
+            file_path = remainder[branch_end + 1:]
+
+        # URL-encode the project path for API (namespace/project -> namespace%2Fproject)
+        encoded_project = urllib.parse.quote(project_path, safe='')
+
+        # URL-encode the file path for API
+        encoded_file = urllib.parse.quote(file_path, safe='')
+
+        # Extract ref parameter from query if present (it overrides branch)
+        ref = branch
+        if query:
+            # Parse query parameters
+            params = urllib.parse.parse_qs(query)
+            # Check for ref or ref_type parameters
+            if 'ref' in params:
+                ref = params['ref'][0]
+            elif 'ref_type' in params and branch:
+                # ref_type is just metadata, use the branch from path
+                ref = branch
+
+        # Build the API URL
+        api_url = f'{domain}/api/v4/projects/{encoded_project}/repository/files/{encoded_file}/raw?ref={ref}'
+
+        info('Converted GitLab URL to API format for authentication')
+        return api_url
+
+    except (ValueError, IndexError) as e:
+        warning(f'Could not convert GitLab URL to API format: {e}')
+        return url  # Return original if conversion fails
+
+
 def get_auth_headers(url: str, auth_param: str | None = None) -> dict[str, str]:
     """Get authentication headers using multiple fallback methods.
 
@@ -524,6 +614,13 @@ def fetch_url_with_auth(url: str, auth_headers: dict[str, str] | None = None, au
         HTTPError: If the HTTP request fails after authentication attempts
         URLError: If there's a URL/network error (including SSL issues)
     """
+    # Convert GitLab web URLs to API URLs for authentication
+    original_url = url
+    if detect_repo_type(url) == 'gitlab' and '/-/raw/' in url:
+        url = convert_gitlab_url_to_api(url)
+        if url != original_url:
+            info(f'Using API URL: {url}')
+
     # First try without auth (for public repos)
     try:
         request = Request(url)
