Github API访问使用OAuth的私人回购协议 [英] Github API access to private repos using OAuth

问题描述

试图使用API​​访问我所属的Github组织的私人存储库中的文件。尝试了几种不同的方式：

1。如果我使用用户名/密码方法 -

  curl -usashafklein：mypasswordhttps://api.github.com/repos/:org/:repo/git/trees/:file_sha 
  

工作正常，但我试图从协作Rails应用程序访问回购站，所以我不想公布我的github登录凭证。我想创建一个有访问权限的虚拟GH帐户，并且使用这些凭据是可能的，但它绝对不是理想的选择。

2。请参阅API文档中的 OAuth2秘密/密钥方法。但它不起作用。如果我使用我的凭据作为参数来卷曲组织库回购网址：

  curl -ihttps：// api。 github.com/orgs/:org/repos?private&client_id=<ID>&client_secret=<SECRET> 
  

只有公开回购券才会出现。这可能是一个问题，我如何传递params（传递？private = true理论上应该返回一个空列表，但列表是相同的，所有公共回购），但我正在跟踪文档。 >

3。所以我很沮丧，看了一下这些文档获取OAuth令牌，但我对如何改变它以至于没有用户界面感到困惑 - 即让我的应用程序自动访问Github Orgs是我的会员，没有用户必须做任何事情。

任何想法我做错了尝试2，或如何获得尝试3自动工作？我非常难过。

编辑我认为我的client_id / secret是错误的，即使在我使用Octokit时，也不能访问受保护的回购。我理解这个错误吗？就我而言，我在Github上为我的Rails应用程序创建了一个应用程序，并且我试图使用这些凭据访问组织的私有回购站（我是贡献者）使用API​​。

解决方案

如果有人遇到这个问题，这里是我找到的解决方案。

显然，客户端我有凭据没有工作。我想我不太明白他们的用途。最简单的方法是使用用户名：密码方法（上面1）。（即，获得我的Rails应用程序访问我作为其成员的私人回购站的许可）。

为了让我的个人github凭证不会向所有使用该应用程序的人员提供，我创建了一个新的虚拟github帐户，该帐户的访问权限专门用作api凭证。

Trying to access files in the private repositories of a Github organization of which I am a member, using the API. Tried a couple different ways so far:

1. If I use the username/password method --

curl -u "sashafklein:mypassword" https://api.github.com/repos/:org/:repo/git/trees/:file_sha

it works fine, but I'm trying to access the repos from a collaborative Rails app, so I don't want to publicize my github login credentials. I suppose creating a dummy GH account with access and using those credentials is possible, but it's definitely not ideal..

2. So I looked at the OAuth2 Secret/Key method in the API docs. But it doesn't work. If I curl the org repo url with my credentials as params in the url:

curl -i "https://api.github.com/orgs/:org/repos?private&client_id=<ID>&client_secret=<SECRET>"

Only the public repos show up. This may be a problem with how I'm passing params (passing "?private=true" should theoretically then return an empty list, but the list is identical and all public repos), but I'm following the docs.

3. So I got frustrated and took a look at these docs for getting a OAuth token, but I'm confused about how to alter it so that there's no user interface -- ie, so that my app has automatic access to the Github Orgs of which I am a member, without users of it having to do anything in particular.

Any ideas what I'm doing wrong with attempt 2, or how to get attempt 3 working automatically? I'm pretty stumped.

EDIT I think my client_id/secret are wrong, cause even when I use Octokit, it can't access the protected repos. Am I understanding this wrong? As me, I created an "Application" on Github for my Rails app, and I'm trying to use those credentials to access the org's private repos (to which I am a contributor) using the API.

解决方案

In case anyone runs into this problem, here's the solution I found.

Apparently the client credentials I had weren't working. I think I didn't quite understand what they're for. The easiest way I could get this to work (ie, get permission for my rails app to access a private repo of which I was a member) was to use the username:password method (1, above).

So that my personal github credentials wouldn't be available to everyone using the app, I created a new dummy github account with access that serves exclusively as an api credentializer.

这篇关于Github API访问使用OAuth的私人回购协议的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！