[QUESTION] How to use with GitHub Apps?

[LarryBarker]

Hey there, thank you for sharing this package - it has been tremendously helpful! I'm wondering if you can provide some general guidance or help answer some questions about how to integrate a GitHub App with my Laravel app?

For context, I was using Laravel Socialite to provide oauth authentication, and then piggybacking off this and using the oauth token to work with my users pull requests, comments, etc. and based on their feedback, they prefer these actions to come from the app itself, instead of their account. For example, when my app leaves a comment on their PR, it appears as if the user left the comment, instead of my app.

I have started researching and testing GitHub Apps, and have run into a couple issues and would greatly appreciate any feedback you may have.

I do have a working proof of concept, although it seems a bit "hacky" and I want to see if you have any recommendations on a better approach? So here's what I'm doing currently:

1. I found this doc in the KnpLaps repo: https://github.com/KnpLabs/php-github-api/blob/v3.14.0/doc/security.md#authenticating-as-an-integration
2. I am basically using this to generate my JWT token, and then using the same package to generate an installation token: https://github.com/KnpLabs/php-github-api/blob/v3.14.0/doc/apps.md#create-a-new-installation-token
3. Next, using the installation token, I am using Laravel's HTTP facade to make a request, rather than your package:

$builder = new Builder();
    $github = new Client($builder, 'machine-man-preview');
    $config = Configuration::forSymmetricSigner(
        new Sha256(),
        InMemory::file('/Users/larry/Herd/glimpse/private-key.pem')
    );

    $now = new \DateTimeImmutable();
    $jwt = $config->builder(ChainedFormatter::withUnixTimestampDates())
        ->issuedBy('914264')
        ->issuedAt($now)
        ->expiresAt($now->modify('+1 minute'))
        ->getToken($config->signer(), $config->signingKey());

    $github->authenticate($jwt->toString(), null, AuthMethod::JWT);
    $token = $github->api('apps')->createInstallationToken(51661655);


    $response = Http::withToken($token['token'])
                ->post('https://api.github.com/repos/'...);

I would love to continue using your package if possible, just not sure how to do so at this point?

I have tried using other connection methods, including app, private, and jwt but continue to face the Bad credentials error from GitHub.

Again, thank you for your work here, and I look forward to your reply in either case 🙏