Comments (11)
So the documentation doesn't actually specify this behavior but basically you can have the endpoint return the list of all accessible repositories in the installation by specifying an empty array for the repositories parameter. It saved a round trip to the separate endpoint.
Command with empty array
curl -s "https://api.github.com/app/installations/$APP_INSTALL_ID/access_tokens" \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer $APP_JWT" \
-H "X-GitHub-Api-Version: 2022-11-28" \
-d '{"repositories":[],"permissions":{"contents":"read"}}'
Output
{
"token": "<token>",
"expires_at": "2024-03-17T02:30:32Z",
"permissions": {
"contents": "read",
"metadata": "read"
},
"repositories": ["<all repos in installation...>"],
"repository_selection": "all"
}
Command with null or no repositories
curl -s "https://api.github.com/app/installations/$APP_INSTALL_ID/access_tokens" \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer $APP_JWT" \
-H "X-GitHub-Api-Version: 2022-11-28" \
-d '{"repositories":null,"permissions":{"contents":"read"}}'
# OR
curl -s "https://api.github.com/app/installations/$APP_INSTALL_ID/access_tokens" \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer $APP_JWT" \
-H "X-GitHub-Api-Version: 2022-11-28" \
-d '{"permissions":{"contents":"read"}}'
Output
{
"token": "<token>",
"expires_at": "2024-03-17T02:30:32Z",
"permissions": {
"contents": "read",
"metadata": "read"
},
"repository_selection": "all"
}
from go-github.
According to the official docs:
Optionally, you can use the repositories or repository_ids body parameters to specify individual repositories that the installation access token can access. If you don't use repositories or repository_ids to grant access to specific repositories, the installation access token will have access to all repositories that the installation was granted access to. The installation access token cannot be granted access to repositories that the installation was not granted access to. Up to 500 repositories can be listed in this manner.
so these fields are optional, hence the omitempty
, and it's not clear (to me) what the behavior is if you were to send it an empty array (as opposed to not sending the field at all, which omitempty
does).
You didn't state what you are trying to do by providing it an empty array.
Are you trying to remove access to all repositories? If so, I'm wondering if that might be a different endpoint, such as this one?
If you are trying to do something else, then I need to warn you against removing omitempty
from optional body parameters, as that has historically wreaked havoc with other uses of the endpoint, and we've had to create additional endpoints to address the other behavior.
So please clarify what you are trying to do, and if you would like to create a PR to address the issue.
Thanks.
from go-github.
Awesome... Thank you for the detailed example!
Then I'm thinking we need to have a new, separate endpoint that handles this special case... with a name that makes the distinction clear.
What do you think?
Do you want to write it, @gillisandrew ?
from go-github.
Related Issues (20)
- Could you release new version more frequently? HOT 3
- Add MergedAt field to PullRequestLinks
- Add Topics to EditChange struct HOT 2
- Add support for Actions list jobs for a workflow run attempt HOT 3
- Listing Projects in a Repository HOT 6
- Repository Custom Properties: Add getters and setters HOT 1
- Proposal/Question: Release frequency HOT 5
- Hook should contain Config of type HookConfig HOT 5
- DownloadReleaseAsset breaks with renamed repository HOT 3
- Add support for Label exclusion in IssuesListOptions HOT 8
- Number of files/lines of code from *github.Repository HOT 1
- List[Organization]Runners does not support all query parameters
- Merge Queues break repository ruleset unmarshaling HOT 8
- Getting the metadata of an issue in github project planning board HOT 1
- Changing custom properties HOT 5
- Update deprecated endpoints in github/action_variables.go HOT 4
- `NewTeam` missing `notification_setting` field HOT 1
- feat: Add an option to wait for primary rate limit reset and retry instead of erroring out HOT 7
- Username is required when using fine-grained vs classic PAT (personal access token) for PlainClone operation
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from go-github.