What happened?

When I get the GitHub APP user authentication object having refresh-token and use it with createOAuthDeviceAuth strategy in Octokit Client, Octokit client never refreshes authentication.
From the looks of it, this library does not seem to handle Refresh Token properly.
I am trying to authenticate a user using Device Flow, which does not require a Client Secret, for a client-side product, but I am having to go through the authorization process again, even though the Refresh Token is still valid.

Versions

Octokit v3.0.0 Deno v1.35.1

Relevant log output

No response

Code of Conduct

• I agree to follow this project's Code of Conduct

Description

Node v10 has been deprecated so there is no need to keep giving support to it in our CI.

Context

You can find more details here

There is an error with this repository's Renovate configuration that needs to be fixed. As a precaution, Renovate will stop PRs until it is resolved.

Location: package.json
Error type: The renovate configuration file contains some invalid settings
Message: Invalid configuration option: @pika/pack, Invalid configuration option: author, Invalid configuration option: jest, Invalid configuration option: keywords, Invalid configuration option: license, Invalid configuration option: name, Invalid configuration option: packageRules[0].@octokit/oauth-methods, Invalid configuration option: packageRules[0].@octokit/request, Invalid configuration option: packageRules[0].@octokit/types, Invalid configuration option: packageRules[0].universal-user-agent, Invalid configuration option: packageRules[1].@octokit/tsconfig, Invalid configuration option: packageRules[1].@pika/pack, Invalid configuration option: packageRules[1].@pika/plugin-build-node, Invalid configuration option: packageRules[1].@pika/plugin-build-web, Invalid configuration option: packageRules[1].@pika/plugin-ts-standard-pkg, Invalid configuration option: packageRules[1].@types/jest, Invalid configuration option: packageRules[1].@types/node, Invalid configuration option: packageRules[1].fetch-mock, Invalid configuration option: packageRules[1].jest, Invalid configuration option: packageRules[1].prettier, Invalid configuration option: packageRules[1].semantic-release, Invalid configuration option: packageRules[1].semantic-release-plugin-update-version-in-files, Invalid configuration option: packageRules[1].ts-jest, Invalid configuration option: packageRules[1].typescript, Invalid configuration option: publishConfig, Invalid configuration option: release, Invalid configuration option: renovate, Invalid configuration option: scripts, Invalid configuration option: version

Follow up to #60

Ideally we would do a test_matrix step and then a test step that depends on test_matrix, so that for branch protections we can require test independent of the Node versions we are using.

See this for reference: https://github.com/octokit/core.js/blob/393caf31b2e802ea9be59aa84f90d64f98953fdb/.github/workflows/test.yml#L32

What’s missing?

GitHub is supporting Refreshing user-to-server access tokens. In its current form, the Authentication object does not include these properties.

Why?

As an owner of a GitHub App with expiring user-to-server tokens enabled, I want to be able to refresh an expired token.

Alternatives you tried

There are no viable alternatives. I'd either need to fork this repository and create an alternative version, or I would need to implement a custom request hook only for this purpose.

What happened?

Using this from deno, GitHubAppAuthenticationWithExpiration is linked to OAuthMethodsTypes.GitHubAppAuthentication.
https://github.com/octokit/auth-oauth-device.js/blob/b0e161f90b120bef24486c6c7f344b5a8f27b6f9/src/types.ts#L73C4-L76

But it should be linked to OAuthMethodsTypes.GitHubAppAuthenticationWithExpiration OAuthMethodsTypes.GitHubAppAuthenticationWithRefreshToken.

Versions

auth-oauth-device.js v6.0.0

Relevant log output

No response

Code of Conduct

• I agree to follow this project's Code of Conduct

This is a problem because a PR with tests failing can be merged (because the required 'test' Check Run is skipped).

Originally posted by @oscard0m in #45 (comment)