通过Github API获取令牌 [英] Get a token by Github API

问题描述

我在 Github中手动创建了一个令牌->设置->个人访问令牌->生成新令牌，仅选择 repo scope 。

此令牌可以正常工作，因此我可以将拥有 write 特权的人推入组织。

然后我想通过 github-api 做同样的操作（获取访问令牌）。

  params = dict（client_id = client_id，
 client_secret = client_secret，
 code = code）
 
 url = url_concat（ https://github.com/login/oauth/access_token，参数）
 
 req = HTTPRequest（url，
 method = POST， 
 headers = { Accept： application / json}，
 body =）
  

结果就是我有这样的 json ：

  {
'scope'：'repo'，
'token_type'：'bearer'，
'access_token'：'xxxxxxxx10755fbb6c281e92902ed122144886c5'
} 
  

这是正确的，但我不能进入我具有写入特权的组织存储库。我只能放入自己的存储库。

您能帮忙吗？

解决方案

因此，如果您想通过GitHub的API进行操作，则需要您的请求进行更改。

首先，您需要使用 / authorizations 端点，例如：

  POST / authorizations 
授权：基本... 
内容类型：application / json 
内容长度：... 
 
 {
范围：[
 repo，
 write：org 
]，
 note：来自@ sigmavirus24的StackOverflow示例，
 client_id ：您的client_id在这里，
 client_secret：您的client_secret在这里，
指纹： 1234，
} 
  

然后应返回 201 Created 响应，其正文如下：

  {
 id：72249124，
 url： https://api.github.com/authorizations / 72249 124，
 scopes：[
 repo，
 write：org 
]，
 token： abcdefgh12345678，
 token_last_eight： 12345678，
 hashed_token： 25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8，
 app：{
 url： http：// com-github-app。 ，
 name：我的github应用，
 client_id： abcde12345fghij67890 
}，
 note：可选注释，
  note_url： http：// optional / note / url，
 updated_at： 2017-02-08T20：39：23Z，
 created_at： 2017-02-08T17 ：26：27Z，
指纹： 1234 
} 
  

也就是说，您似乎正在尝试使用允许GitHub用作身份验证提供程序的终结点。换句话说，您正在构建一个允许用户使用GitHub登录的应用程序。如果是这种情况，那么您需要特别遵循 OAuth的Web应用程序流程。 / p>

在这种情况下，您只是其中的一部分，但发送的参数错误。

首先，您发出GET请求：

  GET https://github.com/login/oauth/authorize?client_id=< your-client_id>& scopes = repo％20write：org& state = something-random 
  

然后您将从GitHub接收回数据，您必须在POST中使用

  POST https://github.com/login/oauth/ access_token？client_id =< your-client_id>& client_secret =< your-client_secret>& code =< code-from-github> 
接受：application / json 
  

之后，您提出的任何请求都必须具有

 授权：令牌<令牌对POST的响应接收> 
  

干杯！

I manually created a token in Github -> Settings -> Personal access tokens -> Generate new token and chose only repo scope.

This token works fine, so with it I can push into organization I have write privileges.

Then I want to do the same (get an access_token) by github-api.

params = dict(client_id=client_id,
              client_secret=client_secret,
              code=code)

url = url_concat("https://github.com/login/oauth/access_token", params)

req = HTTPRequest(url,
                  method="POST",
                  headers={"Accept": "application/json"},
                  body="") 

As a result I have such json:

{
    'scope': 'repo',
    'token_type': 'bearer',
    'access_token': 'xxxxxxxx10755fbb6c281e92902ed122144886c5'
}

It is as everything correct, but I can't push into organization repos where I have write privileges. I can push only into my own repos.

Could you help? Any idea where is a mistake or inaccuracy is welcome.

解决方案

So if you want to do this via GitHub's API, your request needs to change.

First you need to be using the /authorizations endpoint like so:

POST /authorizations
Authorization: Basic ...
Content-Type: application/json
Content-Length: ...

{
  "scopes": [
    "repo",
    "write:org"
  ],
  "note": "Example from StackOverflow by @sigmavirus24",
  "client_id": "Your client_id here",
  "client_secret": "Your client_secret here",
  "fingerprint": "1234",
}

This should then return a 201 Created response with a body like so:

{
  "id": 72249124,
  "url": "https://api.github.com/authorizations/72249124",
  "scopes": [
    "repo",
    "write:org"
  ],
  "token": "abcdefgh12345678",
  "token_last_eight": "12345678",
  "hashed_token": "25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8",
  "app": {
    "url": "http://my-github-app.com",
    "name": "my github app",
    "client_id": "abcde12345fghij67890"
  },
  "note": "optional note",
  "note_url": "http://optional/note/url",
  "updated_at": "2017-02-08T20:39:23Z",
  "created_at": "2017-02-08T17:26:27Z",
  "fingerprint": "1234"
}

Except it will be real.

That said, it appears that you're trying to use the endpoint that allows GitHub to be used as an authentication provider. In other words, you're building an application that allows users to sign-in with GitHub. If that's the case, then you need to specifically follow the Web Application Flow for OAuth.

In that case, you're part of the way there but you're sending the wrong parameters.

First you make a GET request:

GET https://github.com/login/oauth/authorize?client_id=<your-client_id>&scopes=repo%20write:org&state=something-random

Then you will receive data back from GitHub which you must use in your POST

POST https://github.com/login/oauth/access_token?client_id=<your-client_id>&client_secret=<your-client_secret>&code=<code-from-github>
Accept: application/json

After that, any request you make must have

Authorization: token <token-received-in-response-to-POST>

Cheers!

这篇关于通过Github API获取令牌的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！