Would be a nice touch to have the app look in the os.environ if app.config doesn't have the client id and and client secret values.

Similar to how FLASK_DEBUG works. I can do the PR—I wanted to open the issue to check if it's in line with how you see this library being used.

blueprint = Blueprint('oauth', __name__)
# setup github-flask
github = GitHub(blueprint)

results in

Traceback (most recent call last):
...
  File "/Users/luckydonald/code/more_code/code/yes_code/github_oauth.py", line 14, in <module>
    github = GitHub(blueprint)
  File "/Users/luckydonald/code/virtualenv3.6.venv/lib/python3.6/site-packages/flask_github.py", line 81, in __init__
    self.init_app(self.app)
  File "/Users/luckydonald/code/virtualenv3.6.venv/lib/python3.6/site-packages/flask_github.py", line 86, in init_app
    self.client_id = app.config['GITHUB_CLIENT_ID']
AttributeError: 'Blueprint' object has no attribute 'config'

function is_json_response check if content type is equal to "application/json", in my request the json content type is "application/json; charset=utf-8".
would it be better to check if content-type.startwith('application/json') instead of content-type=='application/json'

edit: this is fixed by #23

The database keeps growing as new session tokens are added and never removed. Is this as expected or should there be a mechanism to timeout/expire/remove old tokens?

The github recommends conditional requests:

Most responses return an ETag header. Many responses also return a Last-Modified header. You can use the values of these headers to make subsequent requests to those resources using the If-None-Match and If-Modified-Since headers, respectively. If the resource has not changed, the server will return a 304 Not Modified. Also note: making a conditional request and receiving a 304 response does not count against your Rate Limit, so we encourage you to use it whenever possible.

Can we add this support to receive 304s?

When I was using github-flask to crawl all the fork list of one repo on multi-thread:
request('GET', 'repos/%s/forks' % project_name, True)

It wil be ban by github.

Is there any way I can avoid this if I use all_pages=True in
request(method, resource, all_pages=False, **kwargs) ?

My idea is that give user a option for not crawling so fast, like sleep(1) after each API call.

I have been trying to set a hook for my organization, and because the related API methods are still in alpha, an 'Accept' header is needed.

When I:

        hook_registration = {
            'name': 'web',
            'active': True,
            'events': ['push', 'pull_request'],
            'config': {
                'url': 'http://example.com/webhook',
                'content_type': 'json'
            }
        }
        return github.post('/orgs/%s/hooks' % org,
                           data=hook_registration,
                           headers={'Accept': 'application/vnd.github.sersi-preview+json'})

I get an error:

   ...
    File "/home/rhlobo/.virtualenvs/jackdaw/lib/python2.7/site-packages/flask_github.py", line 191, in post
data=data, **kwargs)
   TypeError: request() got multiple values for keyword argument 'headers'

@cenkalti Sounds great example! Do you have API reference document with detailed introduction about flask_github.GitHub.get ? As you know it only returns 30 records by default in first page, trying to leverage this method for all pagination records instead to write own.

My code is the same as your example.

It seems the decorator cannot call the access_token endpoint with the code parameter to get the token, but it could successfully get to the callback...

I have an app that uses this extension and I want to mock the login function for testing. I was thinking that maybe we could add a a flag saying that the app is in test mode or not, if that is the case, then mock everything. I am willing to implement this :)

In Github API, I want to update a file https://developer.github.com/v3/repos/contents/#update-a-file
however I see the source code it does not support data parameter in the PUT method, even not in the request method. I want the PUT method has the signature of POST so it can sends data to Github. Is it a particular design or is it missed?

So I ran the example.py as per the docs. I am able to authenticate with my app but I don't think it is saving the logged in user. So when I go to /user after the authentication, it gives me flask_github.GitHubError: 401: Bad credentials

Do I need to save g.user somewhere? What is the purpose of that /user route?

The Search API provides a multi-page search, but returns dicts (and not lists), leading to an error. That's the only multi-page dict I've found in the API.

A quick fix would be to use something like that in request:

body = response.json()
if isinstance(body, list):
    result += body
elif isinstance(body, dict) and 'items' in body:
    result['items'] += body['items']

Any better ideas?

Hi,

In the get() shortcut method, the params kwarg is not passed on to the self.request metod.

Is this by design?

When doing a query like this, I'd expect my parameters to be passed on to the Github API.

    def get(self):
        repo_dict = github.get('user/repos', params={'type': 'private'})
        return repo_dict

This way I should only receive my private repositories

Here is the problem:

The current environment is py2.7 , and i wanna write code capable of python3. So i add "from future import unicode_literals" on the top of file.Meanwhile, i use MethodView to build rest api in the same file.
However, when i run the web app, it thows the error,

"lib/python2.7/site-packages/flask/views.py", line 102, in as_view
view.__name__ = name
TypeError: __name__ must be set to a string object". 

I soon realize that because i use the "from future import unicode_literals" in py2 so the function name is unicode type, but the name of a function should be string type.So i wonder could we change the
source code and add the if-then workflow to convert name of function from unicode type into string type to handle the situation .

You receive a 401 for second page requests using the links headers.

Fixed in #28

This may be a bit meta, but most Flask extensions out there follow the naming convention of flask-extensionname.

Not trying to be overly dogmatic, but it might fit the spirit of the project better to be named flask-github instead...

Is it currently possible to integrate with Flask-JWT or is that a fools errand?

It looks like certain parts of the GitHub API don't support the access_token query parameter.

I don't think this is entirely documented, but I noticed that when working with the GitHub deployments API that the access_token query parameter was not working (perhaps a fluke in what is one of the relatively newer components to the GitHub API).

I found that by manually passing the Authorization header to the post method that my requests began to work again.

I propose switching to use the Authorization header rather than the access_token query parameter (or why not both).

GitHub now has a mechanism where it returns an access_token that expires in 8 hours and a refresh_token that's good for 6 months that you can use to get a fresh access token. See https://docs.github.com/en/developers/apps/building-github-apps/refreshing-user-to-server-access-tokens.

It looks like the Content-Type of POST data is currently set to application/x-www-form-urlencoded, even though the data are encoded as JSON.

I might be missing a nuance of the GitHub API, but should we consider changing this to application/json instead to match?

I set up the extension and it's working fine. However, my goal was to call http://localhost:5000/login and be able to login a JS client. Do I need to use something like Flask-Restful to expose the endpoints and use them on the client?

In example.py, a successful login incorrectly redirects to 'index.html' instead of to next_url.

I would like to use github-flask for registering new users and for authenticating them. However I do not know how I could distinguish such cases because the callback URI seems to be just one and I do not see how to pass to authorize parameters to distinguish the two cases

When I call github.get('/user') in my code, I got GitHubError: 404: Not Found.

Here is the code, the authorization part is good.

@auth.route('/login/github')
def github_login():
    return github.authorize(scope="user")

@github.access_token_getter
def token_getter():
    if current_user.is_authenticated:
        return current_user.access_token

@auth.route('/callback/github')
@github.authorized_handler
def authorized(access_token):
    next_url = request.args.get('next') or url_for('chat.app')
    if access_token is None:
        return redirect(next_url)

    user = User.query.filter_by(access_token=access_token).first()
    if user is None:
        user = User(access_token=access_token)
        user.save()
        login_user(user)
        github_user = github.get('/user')  # the error line
        print github_user
        return redirect(url_for('chat.profile'))
        
    user.access_token = access_token
    user.save()
    login_user(user)

    return redirect(next_url)

The API endpoint is listed in here.

Did I do something wrong? Any help will be appreciated.

Hi, in the docs there is:

def authorized_handler(self, f):
        """
        Decorator for the route that is used as the callback for authorizing
        with GitHub. This callback URL can be set in the settings for the app
        or passed in during authorization.

        """

https://github.com/cenkalti/github-flask/blob/master/flask_github.py#L98

But there is no such parameter in authorize

def authorize(self, scope=None):
        """
        Redirect to GitHub and request access to a user's data.

        """

https://github.com/cenkalti/github-flask/blob/master/flask_github.py#L77

How can I pass the callback url during the authorization?