From 446a2968d80b0adc88c54a1c1a17a05b25e83ea7 Mon Sep 17 00:00:00 2001 From: Jorge Ferrero Date: Sun, 2 Jun 2024 00:22:31 +0200 Subject: [PATCH] Update readme to include go-githubauth for Application auth (#3180) Fixes: #3178. --- README.md | 44 ++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 42 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index b243c795bd9..06922ab780c 100644 --- a/README.md +++ b/README.md @@ -101,8 +101,7 @@ For API methods that require HTTP Basic Authentication, use the #### As a GitHub App #### -GitHub Apps authentication can be provided by the [ghinstallation](https://github.com/bradleyfalzon/ghinstallation) -package. +GitHub Apps authentication can be provided by different pkgs like [ghinstallation](https://github.com/bradleyfalzon/ghinstallation) or [go-githubauth](github.com/jferrl/go-githubauth). > **Note**: Most endpoints (ex. [`GET /rate_limit`]) require access token authentication > while a few others (ex. [`GET /app/hook/deliveries`]) require [JWT] authentication. @@ -111,6 +110,9 @@ package. [`GET /app/hook/deliveries`]: https://docs.github.com/en/rest/apps/webhooks#list-deliveries-for-an-app-webhook [JWT]: https://docs.github.com/en/developers/apps/building-github-apps/authenticating-with-github-apps#authenticating-as-a-github-app +`ghinstallation` provides `Transport`, which implements `http.RoundTripper` to provide authentication as an installation for GitHub Apps. + +Here is an example of how to authenticate as a GitHub App using the `ghinstallation` package: ```go import ( @@ -138,6 +140,44 @@ func main() { } ``` +`go-githubauth` implements a set of `oauth2.TokenSource` to be used with `oauth2.Client`. An `oauth2.Client` can be injected into the `github.Client` to authenticate requests. + +Other example using `go-githubauth`: + +```go +package main + +import ( + "context" + "fmt" + "os" + "strconv" + + "github.com/google/go-github/v62/github" + "github.com/jferrl/go-githubauth" + "golang.org/x/oauth2" +) + +func main() { + privateKey := []byte(os.Getenv("GITHUB_APP_PRIVATE_KEY")) + + appTokenSource, err := githubauth.NewApplicationTokenSource(1112, privateKey) + if err != nil { + fmt.Println("Error creating application token source:", err) + return + } + + installationTokenSource := githubauth.NewInstallationTokenSource(1113, appTokenSource) + + // oauth2.NewClient uses oauth2.ReuseTokenSource to reuse the token until it expires. + // The token will be automatically refreshed when it expires. + // InstallationTokenSource has the mechanism to refresh the token when it expires. + httpClient := oauth2.NewClient(context.Background(), installationTokenSource) + + client := github.NewClient(httpClient) +} +``` + *Note*: In order to interact with certain APIs, for example writing a file to a repo, one must generate an installation token using the installation ID of the GitHub app and authenticate with the OAuth method mentioned above. See the examples.