@octokit/auth-oauth-device
Comparing version 1.0.0 to 2.0.0
@@ -52,2 +52,7 @@ 'use strict'; | ||
if (!state.authentication) return false; | ||
if (!("scopes" in state.authentication)) { | ||
return state.authentication; | ||
} | ||
const newScope = (auth.scopes || state.scopes).join(" "); | ||
@@ -83,7 +88,37 @@ const currentScope = state.authentication.scopes.join(" "); | ||
if ("access_token" in data) { | ||
// Only Client IDs belonging to GitHub Apps have a "lv1." prefix | ||
// To be more future proof, we only check for the existense of the "." | ||
const clientType = /\./.test(clientId) ? "github-app" : "oauth-app"; | ||
if (clientType === "oauth-app") { | ||
return { | ||
type: "token", | ||
tokenType: "oauth", | ||
clientType: "oauth-app", | ||
clientId: clientId, | ||
token: data.access_token, | ||
scopes: data.scope.split(/,\s*/).filter(Boolean) | ||
}; | ||
} | ||
if ("refresh_token" in data) { | ||
const apiTimeInMs = new Date(headers.date).getTime(); | ||
return { | ||
type: "token", | ||
tokenType: "oauth", | ||
clientType: "github-app", | ||
clientId: clientId, | ||
token: data.access_token, | ||
refreshToken: data.refresh_token, | ||
expiresAt: toTimestamp(apiTimeInMs, data.expires_in), | ||
refreshTokenExpiresAt: toTimestamp(apiTimeInMs, data.refresh_token_expires_in) | ||
}; | ||
} | ||
return { | ||
type: "token", | ||
tokenType: "oauth", | ||
token: data.access_token, | ||
scopes: data.scope.split(" ").filter(Boolean) | ||
clientType: "github-app", | ||
clientId: clientId, | ||
token: data.access_token | ||
}; | ||
@@ -108,2 +143,6 @@ } | ||
function toTimestamp(apiTimeInMs, expirationInSeconds) { | ||
return new Date(apiTimeInMs + expirationInSeconds * 1000).toISOString(); | ||
} | ||
async function auth(state, authOptions) { | ||
@@ -134,3 +173,3 @@ return getOAuthAccessToken(state, { | ||
const VERSION = "1.0.0"; | ||
const VERSION = "2.0.0"; | ||
@@ -137,0 +176,0 @@ function createOAuthDeviceAuth(options) { |
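Review bot: `toTimestamp` throws a RangeError from `toISOString()` whenever its sum is NaN, which happens if `headers.date` is missing or unparsable, or if `data.expires_in` / `data.refresh_token_expires_in` is absent from the response. By then the token exchange has already succeeded, so the exception discards a freshly issued access token and refresh token. In the `"refresh_token" in data` branch I would fall back to the local clock, `const parsed = Date.parse(headers.date); const apiTimeInMs = Number.isNaN(parsed) ? Date.now() : parsed;`, and check that both expiry fields are finite numbers before building the object. The same lines appear in the two other builds on this page (the `toTimestamp` hunks at `@@ -92,1 +122,4` and `@@ -95,2 +125,5`). The function that holds the `"refresh_token" in data` branch starts and ends outside the hunk.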
@@ -47,2 +47,5 @@ import { RequestError } from "@octokit/request-error"; | ||
return false; | ||
if (!("scopes" in state.authentication)) { | ||
return state.authentication; | ||
} | ||
const newScope = (auth.scopes || state.scopes).join(" "); | ||
@@ -71,7 +74,34 @@ const currentScope = state.authentication.scopes.join(" "); | ||
if ("access_token" in data) { | ||
// Only Client IDs belonging to GitHub Apps have a "lv1." prefix | ||
// To be more future proof, we only check for the existense of the "." | ||
const clientType = /\./.test(clientId) ? "github-app" : "oauth-app"; | ||
if (clientType === "oauth-app") { | ||
return { | ||
type: "token", | ||
tokenType: "oauth", | ||
clientType: "oauth-app", | ||
clientId: clientId, | ||
token: data.access_token, | ||
scopes: data.scope.split(/,\s*/).filter(Boolean), | ||
}; | ||
} | ||
if ("refresh_token" in data) { | ||
const apiTimeInMs = new Date(headers.date).getTime(); | ||
return { | ||
type: "token", | ||
tokenType: "oauth", | ||
clientType: "github-app", | ||
clientId: clientId, | ||
token: data.access_token, | ||
refreshToken: data.refresh_token, | ||
expiresAt: toTimestamp(apiTimeInMs, data.expires_in), | ||
refreshTokenExpiresAt: toTimestamp(apiTimeInMs, data.refresh_token_expires_in), | ||
}; | ||
} | ||
return { | ||
type: "token", | ||
tokenType: "oauth", | ||
clientType: "github-app", | ||
clientId: clientId, | ||
token: data.access_token, | ||
scopes: data.scope.split(" ").filter(Boolean), | ||
}; | ||
@@ -92,1 +122,4 @@ } | ||
} | ||
function toTimestamp(apiTimeInMs, expirationInSeconds) { | ||
return new Date(apiTimeInMs + expirationInSeconds * 1000).toISOString(); | ||
} |
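Review bot: The early return `if (!("scopes" in state.authentication)) return state.authentication;` hands back the cached GitHub App authentication without looking at `expiresAt`, so with expiring tokens enabled a token past its expiry would apparently keep being returned; the function continues outside this hunk, so a later check cannot be ruled out. I would test expiry first, for example `if ("expiresAt" in state.authentication && new Date(state.authentication.expiresAt) <= new Date()) return false;`, so the caller obtains a new token instead of sending an expired credential. The same early return is in the other two builds (`@@ -52,2 +52,7` and `@@ -50,2 +50,5`).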
@@ -1,1 +0,1 @@ | ||
export const VERSION = "1.0.0"; | ||
export const VERSION = "2.0.0"; |
@@ -1,7 +0,8 @@ | ||
import { StrategyOptions, AuthOptions, Authentication, AuthInterface } from "./types"; | ||
export declare type Types = { | ||
StrategyOptions: StrategyOptions; | ||
AuthOptions: AuthOptions; | ||
Authentication: Authentication; | ||
}; | ||
export declare function createOAuthDeviceAuth(options: StrategyOptions): AuthInterface; | ||
import * as Types from "./types"; | ||
export declare type StrategyOptions = Types.StrategyOptions; | ||
export declare type AuthOptions = Types.AuthOptions; | ||
export declare type Authentication = Types.Authentication; | ||
export declare type OAuthAppAuthentication = Types.OAuthAppAuthentication; | ||
export declare type GitHubAppAuthentication = Types.GitHubAppAuthentication; | ||
export declare type GitHubAppAuthenticationWithExpiration = Types.GitHubAppAuthenticationWithExpiration; | ||
export declare function createOAuthDeviceAuth(options: Types.StrategyOptions): Types.AuthInterface; |
@@ -17,8 +17,28 @@ import { RequestInterface, Route, EndpointOptions, RequestParameters, OctokitResponse } from "@octokit/types"; | ||
}; | ||
export declare type Authentication = { | ||
export declare type OAuthAppAuthentication = { | ||
type: "token"; | ||
tokenType: "oauth"; | ||
clientType: "oauth-app"; | ||
clientId: string; | ||
token: string; | ||
scopes: string[]; | ||
}; | ||
export declare type GitHubAppAuthentication = { | ||
type: "token"; | ||
tokenType: "oauth"; | ||
clientType: "github-app"; | ||
clientId: string; | ||
token: string; | ||
}; | ||
export declare type GitHubAppAuthenticationWithExpiration = { | ||
type: "token"; | ||
tokenType: "oauth"; | ||
clientType: "github-app"; | ||
clientId: string; | ||
token: string; | ||
refreshToken: string; | ||
expiresAt: string; | ||
refreshTokenExpiresAt: string; | ||
}; | ||
export declare type Authentication = OAuthAppAuthentication | GitHubAppAuthentication | GitHubAppAuthenticationWithExpiration; | ||
export declare type Verification = { | ||
@@ -25,0 +45,0 @@ device_code: string; |
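Review bot: `token` and `refreshToken` are bearer credentials, yet the new types carry no documentation saying so, and the two GitHub App variants share `clientType: "github-app"`, so that field cannot tell them apart. I would add TSDoc on `GitHubAppAuthenticationWithExpiration`, such as `/** refreshToken is a secret; do not log it or persist it in plain text. */` and `/** expiresAt and refreshTokenExpiresAt are ISO 8601 UTC strings computed from the API response's Date header. */`. A further line should tell consumers to narrow with `"refreshToken" in auth` before reading the expiry fields.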
@@ -1,1 +0,1 @@ | ||
export declare const VERSION = "1.0.0"; | ||
export declare const VERSION = "2.0.0"; |
@@ -50,2 +50,5 @@ import { getUserAgent } from 'universal-user-agent'; | ||
return false; | ||
if (!("scopes" in state.authentication)) { | ||
return state.authentication; | ||
} | ||
const newScope = (auth.scopes || state.scopes).join(" "); | ||
@@ -74,7 +77,34 @@ const currentScope = state.authentication.scopes.join(" "); | ||
if ("access_token" in data) { | ||
// Only Client IDs belonging to GitHub Apps have a "lv1." prefix | ||
// To be more future proof, we only check for the existense of the "." | ||
const clientType = /\./.test(clientId) ? "github-app" : "oauth-app"; | ||
if (clientType === "oauth-app") { | ||
return { | ||
type: "token", | ||
tokenType: "oauth", | ||
clientType: "oauth-app", | ||
clientId: clientId, | ||
token: data.access_token, | ||
scopes: data.scope.split(/,\s*/).filter(Boolean), | ||
}; | ||
} | ||
if ("refresh_token" in data) { | ||
const apiTimeInMs = new Date(headers.date).getTime(); | ||
return { | ||
type: "token", | ||
tokenType: "oauth", | ||
clientType: "github-app", | ||
clientId: clientId, | ||
token: data.access_token, | ||
refreshToken: data.refresh_token, | ||
expiresAt: toTimestamp(apiTimeInMs, data.expires_in), | ||
refreshTokenExpiresAt: toTimestamp(apiTimeInMs, data.refresh_token_expires_in), | ||
}; | ||
} | ||
return { | ||
type: "token", | ||
tokenType: "oauth", | ||
clientType: "github-app", | ||
clientId: clientId, | ||
token: data.access_token, | ||
scopes: data.scope.split(" ").filter(Boolean), | ||
}; | ||
@@ -95,2 +125,5 @@ } | ||
} | ||
function toTimestamp(apiTimeInMs, expirationInSeconds) { | ||
return new Date(apiTimeInMs + expirationInSeconds * 1000).toISOString(); | ||
} | ||
@@ -117,3 +150,3 @@ async function auth(state, authOptions) { | ||
const VERSION = "1.0.0"; | ||
const VERSION = "2.0.0"; | ||
@@ -120,0 +153,0 @@ function createOAuthDeviceAuth(options) { |
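Review bot: Classifying the client with `/\./.test(clientId)` fixes the shape of the result before the response is inspected, so a GitHub App whose client ID contains no "." would take the `oauth-app` branch and its `refresh_token`, `expires_in` and `refresh_token_expires_in` would be dropped silently. Testing `"refresh_token" in data` before the `clientType === "oauth-app"` check would keep the expiry data whatever the ID format. The comment above it also has two typos: the prefix is presumably `Iv1.` with a capital I, and "existense" should be "existence". The same code is in the hunks at `@@ -83,7 +88,37` and `@@ -71,7 +74,34`, and the enclosing function starts and ends outside the hunk.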
{ | ||
"name": "@octokit/auth-oauth-device", | ||
"description": "GitHub OAuth Device authentication strategy for JavaScript", | ||
"version": "1.0.0", | ||
"version": "2.0.0", | ||
"license": "MIT", | ||
@@ -18,3 +18,3 @@ "files": [ | ||
], | ||
"repository": "https://github.com/octokit/auth-oauth-device.js", | ||
"repository": "github:octokit/auth-oauth-device.js", | ||
"dependencies": { | ||
@@ -21,0 +21,0 @@ "@octokit/request": "^5.4.14", |
241
README.md
@@ -17,3 +17,7 @@ # auth-oauth-device.js | ||
- [Authentication object](#authentication-object) | ||
- [OAuth APP user authentication](#oauth-app-user-authentication) | ||
- [GitHub APP user authentication with expiring tokens disabled](#github-app-user-authentication-with-expiring-tokens-disabled) | ||
- [GitHub APP user authentication with expiring tokens enabled](#github-app-user-authentication-with-expiring-tokens-enabled) | ||
- [`auth.hook(request, route, parameters)` or `auth.hook(request, options)`](#authhookrequest-route-parameters-or-authhookrequest-options) | ||
- [Types](#types) | ||
- [How it works](#how-it-works) | ||
@@ -243,4 +247,15 @@ - [Contributing](#contributing) | ||
The async `auth(options)` method resolves to an object with the following properties | ||
The async `auth(options)` method resolves to one of three possible objects | ||
1. OAuth APP user authentication | ||
1. GitHub APP user authentication with expiring tokens disabled | ||
1. GitHub APP user authentication with expiring tokens enabled | ||
The differences are | ||
1. `scopes` is only present for OAuth Apps | ||
2. `refreshToken`, `expiresAt`, `refreshTokenExpiresAt` are only present for GitHub Apps, and only if token expiration is enabled | ||
### OAuth APP user authentication | ||
<table width="100%"> | ||
@@ -274,2 +289,35 @@ <thead align=left> | ||
<th> | ||
<code>tokenType</code> | ||
</th> | ||
<th> | ||
<code>string</code> | ||
</th> | ||
<td> | ||
<code>"oauth"</code> | ||
</td> | ||
</tr> | ||
<tr> | ||
<th> | ||
<code>clientType</code> | ||
</th> | ||
<th> | ||
<code>string</code> | ||
</th> | ||
<td> | ||
<code>"github-app"</code> | ||
</td> | ||
</tr> | ||
<tr> | ||
<th> | ||
<code>clientId</code> | ||
</th> | ||
<th> | ||
<code>string</code> | ||
</th> | ||
<td> | ||
The app's <code>Client ID</code> | ||
</td> | ||
</tr> | ||
<tr> | ||
<th> | ||
<code>token</code> | ||
@@ -286,2 +334,44 @@ </th> | ||
<th> | ||
<code>scopes</code> | ||
</th> | ||
<th> | ||
<code>array of strings</code> | ||
</th> | ||
<td> | ||
array of scope names enabled for the token | ||
</td> | ||
</tr> | ||
</tbody> | ||
</table> | ||
### GitHub APP user authentication with expiring tokens disabled | ||
<table width="100%"> | ||
<thead align=left> | ||
<tr> | ||
<th width=150> | ||
name | ||
</th> | ||
<th width=70> | ||
type | ||
</th> | ||
<th> | ||
description | ||
</th> | ||
</tr> | ||
</thead> | ||
<tbody align=left valign=top> | ||
<tr> | ||
<th> | ||
<code>type</code> | ||
</th> | ||
<th> | ||
<code>string</code> | ||
</th> | ||
<td> | ||
<code>"token"</code> | ||
</td> | ||
</tr> | ||
<tr> | ||
<th> | ||
<code>tokenType</code> | ||
@@ -298,14 +388,144 @@ </th> | ||
<th> | ||
<code>scopes</code> | ||
<code>clientType</code> | ||
</th> | ||
<th> | ||
<code>array of strings</code> | ||
<code>string</code> | ||
</th> | ||
<td> | ||
array of scope names enabled for the token | ||
<code>"github-app"</code> | ||
</td> | ||
</tr> | ||
<tr> | ||
<th> | ||
<code>clientId</code> | ||
</th> | ||
<th> | ||
<code>string</code> | ||
</th> | ||
<td> | ||
The app's <code>Client ID</code> | ||
</td> | ||
</tr> | ||
<tr> | ||
<th> | ||
<code>token</code> | ||
</th> | ||
<th> | ||
<code>string</code> | ||
</th> | ||
<td> | ||
The personal access token | ||
</td> | ||
</tr> | ||
</tbody> | ||
</table> | ||
### GitHub APP user authentication with expiring tokens enabled | ||
<table width="100%"> | ||
<thead align=left> | ||
<tr> | ||
<th width=150> | ||
name | ||
</th> | ||
<th width=70> | ||
type | ||
</th> | ||
<th> | ||
description | ||
</th> | ||
</tr> | ||
</thead> | ||
<tbody align=left valign=top> | ||
<tr> | ||
<th> | ||
<code>type</code> | ||
</th> | ||
<th> | ||
<code>string</code> | ||
</th> | ||
<td> | ||
<code>"token"</code> | ||
</td> | ||
</tr> | ||
<tr> | ||
<th> | ||
<code>tokenType</code> | ||
</th> | ||
<th> | ||
<code>string</code> | ||
</th> | ||
<td> | ||
<code>"oauth"</code> | ||
</td> | ||
</tr> | ||
<tr> | ||
<th> | ||
<code>clientType</code> | ||
</th> | ||
<th> | ||
<code>string</code> | ||
</th> | ||
<td> | ||
<code>"github-app"</code> | ||
</td> | ||
</tr> | ||
<tr> | ||
<th> | ||
<code>clientId</code> | ||
</th> | ||
<th> | ||
<code>string</code> | ||
</th> | ||
<td> | ||
The app's <code>Client ID</code> | ||
</td> | ||
</tr> | ||
<tr> | ||
<th> | ||
<code>token</code> | ||
</th> | ||
<th> | ||
<code>string</code> | ||
</th> | ||
<td> | ||
The user access token | ||
</td> | ||
</tr> | ||
<tr> | ||
<th> | ||
<code>refreshToken</code> | ||
</th> | ||
<th> | ||
<code>string</code> | ||
</th> | ||
<td> | ||
The refresh token | ||
</td> | ||
</tr> | ||
<tr> | ||
<th> | ||
<code>expiresAt</code> | ||
</th> | ||
<th> | ||
<code>string</code> | ||
</th> | ||
<td> | ||
Date timestamp in <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Date/toISOString">ISO 8601</a> standard. Example: <code>2022-01-01T08:00:0.000Z</code> | ||
</td> | ||
</tr> | ||
<tr> | ||
<th> | ||
<code>refreshTokenExpiresAt</code> | ||
</th> | ||
<th> | ||
<code>string</code> | ||
</th> | ||
<td> | ||
Date timestamp in <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Date/toISOString">ISO 8601</a> standard. Example: <code>2021-07-01T00:00:0.000Z</code> | ||
</td> | ||
</tr> | ||
</tbody> | ||
</table> | ||
## `auth.hook(request, route, parameters)` or `auth.hook(request, options)` | ||
@@ -335,2 +555,15 @@ | ||
## Types | ||
```ts | ||
import { | ||
StrategyOptions, | ||
AuthOptions, | ||
Authentication, | ||
OAuthAppAuthentication, | ||
GitHubAppAuthentication, | ||
GitHubAppAuthenticationWithExpiration, | ||
} from "@octokit/auth-oauth-device"; | ||
``` | ||
## How it works | ||
@@ -337,0 +570,0 @@ |
License Policy Violation
License: This package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
No repository
Supply chain risk: Package does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code used to generate the package.
Found 1 instance in 1 package
License Policy Violation
License: This package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
No repository
Supply chain risk: Package does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code used to generate the package.
Found 1 instance in 1 package