auth-app.js icon indicating copy to clipboard operation
auth-app.js copied to clipboard

Published 20 hours ago verified publisher icon octokit

Backed authentication user-to-server without device flow

Open funes79 opened this issue 1 year ago • 0 comments

Maybe this questions does not belong here, but anyway I try. I tried to follow example code snippets from README but they are not very clear for me. I was able to authenticate Octokit using the simple auth (Personal Access Token) and using a device flow (Github app). But what I want to achieve is the user-to-server authentication without explicitly redirecting the user to a browser (because I run it in the backend) and without the need to pass the device code.

My GithubApp is already installed in the UserA's repository REPO with also the checkbox "Request user authorization (OAuth) during installation". So my undestanding is that the github app can act onbehalf of UserA in repository REPO. So how can I authenticate my node.js app and run for example a create commit or create issue?

I would like to see the commit/issue be created under "UserA created commit using [app name]"

Thanks!

my attempts: OAuth - this creates a commit under user UserA. But there is no mention of the app, and it requires the Code input from UserA.

    const auth = createOAuthDeviceAuth({
        clientType: "oauth-app",
        clientId,
        scopes: ["public_repo"],
        onVerification(verification) {      
          console.log("Open %s", verification.verification_uri);
          console.log("Enter code: %s", verification.user_code);
        },
      });

      const tokenAuthentication = await auth({
        type: "oauth",
      });      

      const octokit = new Octokit({
            auth: tokenAuthentication.token, 
        });
       
      // await commit({octokit}) Some stuff

The other attempt, not sure what should I put into the code:

     const appOctokit = new Octokit({
        authStrategy: createAppAuth,
        auth: {
          appId,
          privateKey,
          clientId,
          clientSecret,
          installationId: 32225903
        },
      });

    const userOctokit = await appOctokit.auth({
        type: "oauth-user",
        code: "?? What should I put here??",
        factory: (options) => {
          return new Octokit({
            authStrategy: createOAuthUserAuth,
            auth: options,
          });
        },
      });
    console.log(userOctokit.login);
    const {
        data: { login },
      } = await userOctokit.request("GET /user");
    console.log("Hello, %s!", login);

funes79 avatar Mar 06 '23 09:03 funes79