-
Notifications
You must be signed in to change notification settings - Fork 5
Expand file tree
/
Copy pathgithub-app.go
More file actions
95 lines (75 loc) · 2.39 KB
/
Copy pathgithub-app.go
File metadata and controls
95 lines (75 loc) · 2.39 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
package main
import (
"context"
"io/ioutil"
"time"
"github.com/golang-jwt/jwt"
"github.com/google/go-github/v40/github"
"golang.org/x/oauth2"
)
func createClaims(appId string) *jwt.StandardClaims {
return &jwt.StandardClaims{
// Issued at time, 60 seconds in the past to allow for clock drift
IssuedAt: time.Now().Unix() - 60,
// Expiration time, 10 minute maximum
ExpiresAt: time.Now().Unix() + (10 * 60),
// GitHub App's identifier
Issuer: appId,
}
}
type GitHubApp struct {
appId string
privateKey []byte
client *github.Client
ctx context.Context
}
func NewGitHubApp(appId string, privateKeyFilePath string) (*GitHubApp, error) {
app := &GitHubApp{appId: appId}
key, err := ioutil.ReadFile(privateKeyFilePath)
if err != nil {
return nil, err
}
app.privateKey = key
claims := createClaims(app.appId)
signingKey, err := jwt.ParseRSAPrivateKeyFromPEM(app.privateKey)
if err != nil {
return nil, err
}
token := jwt.NewWithClaims(jwt.SigningMethodRS256, *claims)
signedToken, err := token.SignedString(signingKey)
if err != nil {
return nil, err
}
app.ctx = context.Background()
staticTokenSource := oauth2.StaticTokenSource(&oauth2.Token{AccessToken: signedToken})
tokenClient := oauth2.NewClient(app.ctx, staticTokenSource)
app.client = github.NewClient(tokenClient)
return app, nil
}
func (app *GitHubApp) ListInstallations() ([]*github.Installation, error) {
installations, _, err := app.client.Apps.ListInstallations(app.ctx, nil)
if err != nil {
return nil, err
}
return installations, nil
}
func (app *GitHubApp) CreateInstallationToken(installation *github.Installation) (*github.InstallationToken, error) {
installationToken, _, err := app.client.Apps.CreateInstallationToken(app.ctx, *installation.ID, &github.InstallationTokenOptions{Permissions: installation.Permissions})
if err != nil {
return nil, err
}
return installationToken, nil
}
func (app *GitHubApp) CreateGitHubClient(ctx context.Context, installation *github.Installation) (*github.Client, error) {
installationToken, err := app.CreateInstallationToken(installation)
if err != nil {
return nil, err
}
if ctx == nil {
ctx = context.Background()
}
staticTokenSource := oauth2.StaticTokenSource(&oauth2.Token{AccessToken: *installationToken.Token})
tokenClient := oauth2.NewClient(ctx, staticTokenSource)
client := github.NewClient(tokenClient)
return client, nil
}