Documentation ¶
Overview ¶
Package githubauth provides interfaces and implementations for authenticating to GitHub.
Index ¶
- type App
- func (g *App) AccessToken(ctx context.Context, request *TokenRequest) (string, error)
- func (g *App) AccessTokenAllRepos(ctx context.Context, request *TokenRequestAllRepos) (string, error)
- func (g *App) AllReposTokenSource(permissions map[string]string) TokenSource
- func (g *App) AppToken() ([]byte, error)
- func (g *App) OAuthAppTokenSource() oauth2.TokenSource
- func (g *App) SelectedReposTokenSource(permissions map[string]string, repos ...string) TokenSource
- type Option
- type StaticTokenSource
- type TokenRequest
- type TokenRequestAllRepos
- type TokenSource
- type TokenSourceFunc
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type App ¶
type App struct { AppID string InstallationID string PrivateKey *rsa.PrivateKey // contains filtered or unexported fields }
App is an object that can be used to generate application level JWTs or to request an OIDC token on behalf of an installation.
func NewApp ¶
func NewApp[T *rsa.PrivateKey | string | []byte](appID, installationID string, privateKeyT T, opts ...Option) (*App, error)
NewApp creates a new GitHub App from the given inputs.
The privateKey can be the *rsa.PrivateKey, or a PEM-encoded string (or []byte) of the private key material.
func (*App) AccessToken ¶
AccessToken calls the GitHub API to generate a new access token for this application installation with the requested permissions and repositories.
func (*App) AccessTokenAllRepos ¶
func (g *App) AccessTokenAllRepos(ctx context.Context, request *TokenRequestAllRepos) (string, error)
AccessTokenAllRepos calls the GitHub API to generate a new access token for this application installation with the requested permissions and all granted repositories.
func (*App) AllReposTokenSource ¶
func (g *App) AllReposTokenSource(permissions map[string]string) TokenSource
AllReposTokenSource returns a TokenSource that mints a GitHub token with permissions on all repos.
func (*App) AppToken ¶
AppToken creates a signed JWT to authenticate a GitHub app so that it can make API calls to GitHub.
func (*App) OAuthAppTokenSource ¶
func (g *App) OAuthAppTokenSource() oauth2.TokenSource
OAuthAppTokenSource adheres to the oauth2 TokenSource interface and returns a oauth2 token by creating a JWT token.
func (*App) SelectedReposTokenSource ¶
func (g *App) SelectedReposTokenSource(permissions map[string]string, repos ...string) TokenSource
SelectedReposTokenSource returns a TokenSource that mints a GitHub token with permissions on the selected repos.
type Option ¶
Option is a function that provides an option to the GitHub App creation.
func WithAccessTokenURLPattern ¶
WithAccessTokenURLPattern allows overriding of the GitHub api url that is used when generating installation access tokens. The default is the primary GitHub api url which should only be overridden for private GitHub installations.
The `pattern` parameter expects a single `%s` that represents the installation id that is provided with the rest of the configuration.
func WithHTTPClient ¶
WithHTTPClient is an option that allows a consumer to provider their own http client implementation.
func WithJWTTokenCaching ¶
WithJWTTokenCaching is an option that tells the GitHub app to cache its JWT App tokens. The amount of time that the tokens are cached is based on the provided `beforeExp` parameter + the configured token expiration. This results in a cache expiration of <token expiration> - <beforeExp>.
func WithJWTTokenExpiration ¶
WithJWTTokenExpiration is an option that allows overriding the default expiration date of the application JWTs.
type StaticTokenSource ¶
type StaticTokenSource struct {
// contains filtered or unexported fields
}
StaticTokenSource is a GitHubToken provider that returns the provided token.
func NewStaticTokenSource ¶
func NewStaticTokenSource(token string) (*StaticTokenSource, error)
NewStaticTokenSource returns a StaticTokenSource which returns the token string as given.
func (*StaticTokenSource) GitHubToken ¶
func (s *StaticTokenSource) GitHubToken(ctx context.Context) (string, error)
GitHubToken implements TokenSource.
type TokenRequest ¶
type TokenRequest struct { Repositories []string `json:"repositories"` Permissions map[string]string `json:"permissions"` }
TokenRequest is a struct that contains the list of repositories and the requested permissions / scopes that are requested when generating a new installation access token.
type TokenRequestAllRepos ¶
TokenRequestAllRepos is a struct that contains the requested permissions/scopes that are requested when generating a new installation access token.
This struct intentionally omits the repository properties to generate a token for all repositories granted to this GitHub app installation.
type TokenSource ¶
type TokenSource interface { // GitHubToken returns a GitHub token, or any error that occurs. GitHubToken(ctx context.Context) (string, error) }
TokenSource is an interface which returns a GitHub token.
type TokenSourceFunc ¶
TokenSourceFunc is a function that implements TokenSource.
func (TokenSourceFunc) GitHubToken ¶
func (f TokenSourceFunc) GitHubToken(ctx context.Context) (string, error)