GithubApp Auth about github4s HOT 12 OPEN

thanks @fedefernandez! we'll give it a try.

cc @thijsnissen

from github4s.

Okay, next week I'm going to prepare this changes and will discuss it with real example.

from github4s.

You're right we don't support github apps authorization.
However, I'm not sure about the best way to go about it as we don't want to handle jwt tokens directly in the library for example.

from github4s.

Agreed, maybe we can make GithubClient to accept instance of GithubAuth, so the user can use by default GithubPatAuth, in other cases they need to define own class.

But if it's part of Github Auth flow user will do same code over and over.

from github4s.

So, do you have any suggestions how to implement it?
I can do that, by I need to be sure that I don't waste a time.

from github4s.

maybe we can make GithubClient to accept instance of GithubAuth, so the user can use by default GithubPatAuth, in other cases they need to define own class.

I'm 👍 on that

from github4s.

But as I mention before, users will do same code over and over and not in the best way. It's like give them domain and say, use own http sender.

from github4s.

We can add that code as documentation, it doesn't seem to me like the usage will be so huge that it would need to be part of the library.

from github4s.

@loonydev Hi! Are you still planning to make a PR with this changes?

from github4s.

Morning @kusaeva, not yet, it's in plan, but not in a near future. If you have a time to make it, it would be great.

from github4s.

Hello - I'm interested about the status of this issue

We have a standalone service in our infrastructure that requires broad access to GH's REST api and the repositories under our organisation (DHL-Parcel) - preferably using the github4s library and authorise not via a personal access token - but either via JWT tokens or - as requested in this issue - via GH Apps authorisation.

We did try the new AccessToken feature to get this working but weren't able to. The main issue seems to be the Authorisation: token header being hardcoded in the library, but we might not understand the way the new features was intended to be used. In that case an example would help us.

If authorisation via JWT or GH App tokens is currently not possible we would able to spend some time on getting this to work with github4s provided that we get some help and pointers on how the preferred integration should look like in the API.

Thanks in advance :)

from github4s.

Hi @nmcb, thanks for your interest.

This is how it's currently built.

We have an algebra that allows generating tokens:

This algebra has a single implementation called StaticAccessToken. You pass a token, and it returns as a pure value.

When you create a new Github4s client, it's creates an instance of that algebra to use it internally:

This is then used to create the internal GithubAPIv3 algebra:

That, in a similar way, pass it to the internal HTTPClient algebra:

The HTTPClient uses the withAccessToken to get the token and pass it to the RequestBuilder

The RequestBuilder stores the token in a authHeader map, where the key is Authorization, and the value is s"token $token".

This is mapped to a Header.Raw

Potential solution

@loonydev's approach looks good, so I've created a draft with a potential solution:

• https://github.com/47degrees/github4s/pull/875/files

In that way, you can implement your algebra for generating auth headers, having complete control. Let me know your thoughts. The docs need to be updated accordingly.

from github4s.