
GitHub Access Token format

Open odomojuli opened this issue 1 year ago • 2 comments

See recent pull request: https://github.com/odomojuli/RegExAPI/pull/12

As of April 5th, 2021: https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats/

GitHub has introduced new formats for their personal access tokens (beta).

There should be several additional entries to cover usage.

These include variants that may, for example, invoke both a pattern for GitHub Actions and the fine-grained personal access token associated with it.

Examples should be drawn as much as possible from the documentation.

odomojuli, Apr 06 '23 05:04

New GitHub token format added. https://github.com/odomojuli/RegExAPI/commit/1882025695d4416d6e89d6b1ef2958567d5b2be9

Implementation follows mostly from: https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats/

The snippet about entropy details the format:

Math.log((("a".."z").to_a + ("A".."Z").to_a + (0..9).to_a).length)/Math.log(2) * 30 = 178

30 characters, and then a 6-digit checksum at the end.

A 32 bit checksum in the last 6 digits of each token strikes the optimal balance between keeping the random token portion at a consistent entropy and enough confidence in the checksum. We start the implementation with a CRC32 algorithm, a standard checksum algorithm. We then encode the result with a Base62 implementation, using leading zeros for padding as needed.


Addendum: there are some regex patterns for things like GitHub Actions and concatenating the PAT: https://gist.github.com/magnetikonline/073afe7909ffdd6f10ef06a00bc3bc88

I can't seem to find the desired documentation that illustrates the scope of this behavior. So I'm leaving this issue open until those entries are covered.

odomojuli, Apr 06 '23 22:04
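
The checksum layout quoted in the comment above (30 random characters followed by a 6-character Base62-encoded CRC32), as an added example that is not code from RegExAPI or from GitHub: a second-stage check a secret scanner can run after the regex matches, to drop look-alike strings. Assumptions: the CRC32 covers only the 30 random characters, the Base62 alphabet is ordered `0-9A-Za-z`, and the `ghp_`/`gho_`/`ghu_`/`ghs_`/`ghr_` prefixes come from the linked GitHub blog post rather than from this thread; all helper names are hypothetical.

```ruby
require "zlib"

# Assumption: digits, then uppercase, then lowercase. The thread does not state the order.
ALPHABET = [*"0".."9", *"A".."Z", *"a".."z"].join.freeze

# Prefix per the linked blog post; 30 random chars + 6 checksum chars per the thread.
TOKEN_RE = /\A(gh[pousr])_([0-9A-Za-z]{30})([0-9A-Za-z]{6})\z/

# Encode a non-negative integer in Base62, left-padded with "0" to `width` digits.
# Six digits are enough for any 32-bit value, since 62**6 > 2**32.
def base62_pad(n, width = 6)
  out = +""
  loop do
    n, r = n.divmod(62)
    out.prepend(ALPHABET[r])
    break if n.zero?
  end
  out.rjust(width, "0")
end

# Assumption: the checksum is CRC32 over the 30 random characters only.
def checksum_for(random_part)
  base62_pad(Zlib.crc32(random_part))
end

# :no_match          -> shape is wrong, the regex stage would already reject it
# :checksum_mismatch -> right shape, wrong checksum under the assumptions above
# :checksum_ok       -> right shape and checksum, treat as a likely live credential
def classify(candidate)
  m = TOKEN_RE.match(candidate)
  return :no_match unless m
  checksum_for(m[2]) == m[3] ? :checksum_ok : :checksum_mismatch
end

# Constructed sample token (not a real credential), built at run time.
def constructed_token(random_part = "A1b2C3d4E5f6G7h8I9j0K1l2M3n4O5", prefix: "ghp")
  "#{prefix}_#{random_part}#{checksum_for(random_part)}"
end

if __FILE__ == $PROGRAM_NAME
  good = constructed_token
  bad  = good.sub(/.\z/) { |c| c == "0" ? "1" : "0" } # corrupt the last checksum char
  [good, bad, "ghp_tooshort"].each { |t| puts "#{classify(t)}  #{t}" }
end
```

Because the CRC input and alphabet order are assumptions, a `:checksum_mismatch` result should lower a finding's priority rather than suppress it until the check has been confirmed against a token you own.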

Wouldn't it make sense to write it on 2 different lines as before April 5, 2021 and as Beta?

ramazansancar, Apr 29 '23 17:04