@probot-ng/octokit-auth-probot-ng
v1.2.13
Published
Octokit authentication strategy that supports token, app (JWT), and event-based installation authentication
Downloads
48
Maintainers
Keywords
Readme
@probot-ng/@probot-ng/octokit-auth-probot-ng-ng
Octokit authentication strategy that supports token, app (JWT), and event-based installation authentication
@probot-ng/octokit-auth-probot-ng
combines the authentication strategies:
It adds a new authentication type: "event-octokit"
, which allows to retrieve an Octokit instance which is correctly authenticated based on the Octokit constructors authentication (app
or token
) as well as the event, which either results in an installation access token authentication or, in case the event implies that the installation's access has been revoked, in an unauthenticated Octokit instance.
@probot-ng/octokit-auth-probot-ng
is not meant to be used by itself, but in conjuction with @octokit/core
or a compatible library.
Usage
Load @probot-ng/octokit-auth-probot-ng
directly from cdn.pika.dev
<script type="module">
import { Octokit } from "https://cdn.pika.dev/@octokit/core";
import { createProbotAuth } from "https://cdn.pika.dev/@probot-ng/octokit-auth-probot-ng";
</script>
Install with npm install @probot-ng/octokit-auth-probot-ng
const { Octokit } = require("@octokit/core");
const { createProbotAuth } = require("@probot-ng/octokit-auth-probot-ng");
// or:
// import { Octokit } from "@octokit/core";
// import { createProbotAuth } from "@probot-ng/octokit-auth-probot-ng";
⚠️ For usage in browsers: The private keys provided by GitHub are in PKCS#1
format, but the WebCrypto API only supports PKCS#8
. You need to convert it first:
openssl pkcs8 -topk8 -inform PEM -outform PEM -nocrypt -in private-key.pem -out private-key-pkcs8.key
No conversion is needed in Node, both PKCS#1
and PKCS#8
format will work.
const { Octokit } = require("@octokit/core");
const { createProbotAuth } = require("@probot-ng/octokit-auth-probot-ng");
const ProbotOctokit = Octokit.defaults({
authStrategy: createProbotAuth,
});
Token authentication
const octokit = new ProbotOctokit({
auth: {
token: "secret 123",
},
});
Note: when using octokit.auth({ type: "installation", factory })
, factory(options)
will be called with options.octokit
, options.octokitOptions
, plus any other properties that have been passed to octokit.auth()
besides type
and factory
. In all other cases, octokit.auth()
will resolve with an oauth
authentication object, no matter the passed options.
App authentication
const octokit = new ProbotOctokit({
auth: {
appId: 123,
privateKey: `----BEGIN RSA PRIVATE KEY----- ...`,
},
});
Unauthenticated
const octokit = new ProbotOctokit();
This is useful if you need to send a request without access to authentication. Probot's use case here is Create a GitHub App from a manifest (POST /app-manifests/{code}/conversions
), which is used to register a GitHub app and retrieve the credentials in return.
Get authenticated octokit instance based on event
const eventOctokit = await octokit.auth({
type: "event-octokit",
event: { name: "push", payload: { installation: { id: 123 } } }, // event payload
});
eventOctokit
is now authenticated in one of three ways:
- If
octokit
was authenticated using a token,eventOctokit
is authenticated with the same token. In fact,eventOctokit
isoctokit
- If
event
name isinstallation
andpayload.action
is eithersuspend
ordeleted
, theneventOctokit
is unauthenticated using@octokit/auth-unauthenticated
- Otherwise
eventOctokit
is authenticated as installation based onpayload.installation.id