
@octokit/auth-token

Comparing version 1.0.0 to 2.0.0

dist-node/index.js

74

package.json
{
"name": "@octokit/auth-token",
"publishConfig": {
"access": "public"
},
"version": "1.0.0",
"description": "Octokit library implementing the token authentication strategy for browsers and Node.js",
"main": "index.js",
"scripts": {
"build": "pack build",
"test": "jest --coverage"
},
"repository": "https://github.com/octokit/auth-token.js",
"description": "GitHub API token authentication for browsers and Node.js",
"version": "2.0.0",
"license": "MIT",
"files": [
"dist-*/",
"bin/"
],
"pika": true,
"sideEffects": false,
"keywords": [

@@ -20,10 +18,11 @@ "github",

],
"author": "Gregor Martynus (https://github.com/gr2m)",
"license": "MIT",
"homepage": "https://github.com/octokit/auth-token.js#readme",
"bugs": {
"url": "https://github.com/octokit/auth-token.js/issues"
},
"homepage": "https://github.com/octokit/auth-token.js#readme",
"repository": "https://github.com/octokit/auth-token.js",
"dependencies": {},
"devDependencies": {
"@pika/pack": "^0.3.7",
"@octokit/request": "^5.0.1",
"@pika/pack": "^0.4.0",
"@pika/plugin-build-node": "^0.4.0",

@@ -33,42 +32,19 @@ "@pika/plugin-build-web": "^0.4.0",

"@pika/plugin-ts-standard-pkg": "^0.4.0",
"@types/fetch-mock": "^7.3.1",
"@types/jest": "^24.0.13",
"fetch-mock": "^7.3.7",
"jest": "^24.8.0",
"pika-plugin-unpkg-field": "^1.1.0",
"semantic-release": "^15.13.12",
"ts-jest": "^24.0.2",
"typescript": "^3.5.1",
"semantic-release": "^15.13.12"
"typescript": "^3.5.1"
},
"jest": {
"preset": "ts-jest",
"coverageThreshold": {
"global": {
"statements": 100,
"branches": 100,
"functions": 100,
"lines": 100
}
}
"publishConfig": {
"access": "public"
},
"@pika/pack": {
"pipeline": [
[
"@pika/plugin-ts-standard-pkg"
],
[
"@pika/plugin-build-node"
],
[
"@pika/plugin-build-web"
],
[
"@pika/plugin-bundle-web",
{
"browser": true
}
],
[
"pika-plugin-unpkg-field"
]
]
}
"source": "dist-src/index.js",
"types": "dist-types/index.d.ts",
"main": "dist-node/index.js",
"module": "dist-web/index.js",
"unpkg": "dist-web/index.bundled.js"
}
# auth-token.js
> Octokit library implementing the token authentication strategy for browsers and Node.js
> GitHub API token authentication for browsers and Node.js

@@ -9,36 +9,56 @@ [![@latest](https://img.shields.io/npm/v/@octokit/auth-token.svg)](https://www.npmjs.com/package/@octokit/auth-token)

`@octokit/auth-token` is the simplest of GitHub’s authentication strategies.
`@octokit/auth-token` is the simplest of [GitHub’s authentication strategies](https://github.com/octokit/auth.js).
A string is passed to the `createTokenAuth` function which returns the async `auth` function.
It is useful if you want to support multiple authentication strategies, as it’s API is compatible with its sibling packages for [basic](https://github.com/octokit/auth-basic.js), [GitHub App](https://github.com/octokit/auth-app.js) and [OAuth app](https://github.com/octokit/auth.js) authentication.
The `auth` function validates the passed token and resolves with the correct `authorization` header.
<!-- toc -->
## Usage
<table>
<tbody valign=top align=left>
<tr><th>
Browsers
</th><td width=100%>
Load `@octokit/auth-token` directly from [cdn.pika.dev](https://cdn.pika.dev)
```html
<script type="module">
import { createBasicAuth } from "https://cdn.pika.dev/@octokit/auth-token";
</script>
```
</td></tr>
<tr><th>
Node
</th><td>
Install with <code>npm install @octokit/auth-token</code>
```js
const { createBasicAuth } = require("@octokit/auth-token");
// or: import { createBasicAuth } from "@octokit/auth-token";
```
</td></tr>
</tbody>
</table>
```js
import { createTokenAuth } from "@octokit/auth-token";
import { request } from "@octokit/request";
(async () => {
const auth = createTokenAuth("1234567890abcdef1234567890abcdef12345678");
const authentication = await auth();
// {
// type: 'token',
// token: '1234567890abcdef1234567890abcdef12345678',
// tokenType: 'oauth',
// headers: {
// authorization: 'token 1234567890abcdef1234567890abcdef12345678'
// }
// }
// `authentication.headers` can be directly passed to a request
const result = await request("GET /orgs/:org/repos", {
headers: authentication.headers,
org: "octokit",
type: "private"
});
})();
const auth = createTokenAuth("1234567890abcdef1234567890abcdef12345678");
const authentication = await auth();
// {
// type: 'token',
// token: '1234567890abcdef1234567890abcdef12345678',
// tokenType: 'oauth',
// headers: {
// authorization: 'token 1234567890abcdef1234567890abcdef12345678'
// }
// }
```
## `createTokenAuth(token)`
## `createTokenAuth(token) options`
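Review bot: The Browsers and Node rows of the usage table import `createBasicAuth` from `@octokit/auth-token`, while the text above the table and the example directly below it use `createTokenAuth`. This looks copied from the basic-auth README, and a reader who follows it will not get a usable function. Change the three occurrences (the `cdn.pika.dev` import, the `require`, and the commented `import`) to `createTokenAuth`. Minor: "as it’s API is compatible" should read "its API", and the heading `createTokenAuth(token) options` reads oddly for a function that takes a single token string.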

@@ -55,3 +75,3 @@ The `createTokenAuth` method accepts a single argument of type string, which is the token. The passed token can be one of the following:

```js
// Personal/OAuth access token
// Personal access token or OAuth access token
createTokenAuth("1234567890abcdef1234567890abcdef12345678");

@@ -63,8 +83,10 @@

It returns the asynchronous `auth()` method.
## `auth()` options
## `auth()`
The `auth()` method has no options.
The `auth()` method has no options. It returns the authentication object.
## `auth()` result
The async `auth()` method resolves with the authentication object.
## Authentication object
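Review bot: Under the `auth()` heading, "It returns the authentication object" drops the fact that `auth()` is asynchronous. The other sentence in this hunk ("The async `auth()` method resolves with the authentication object") states it correctly, and the usage example awaits the call. Suggest "It resolves with the authentication object" so callers do not read `headers` off a pending promise.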

@@ -117,33 +139,38 @@

<td>
<code>"oauth" for personal access tokens and OAuth tokens, or "installation" for installation access tokens</code>
Can be either <code>"oauth"</code> for personal access tokens and OAuth tokens, or <code>"installation"</code> for installation access tokens (includes <code>GITHUB_TOKEN</code> provided to GitHub Actions)
</td>
</tr>
<tr>
<th>
<code>headers</code>
</th>
<th>
<code>object</code>
</th>
<td>
<code>{ authorization } </code> - value for the "Authorization" header.
</td>
</tr>
<tr>
<th>
<code>query</code>
</th>
<th>
<code>object</code>
</th>
<td>
<code>{}</code> - not used
</td>
</tr>
</tbody>
</table>
## `auth.hook(request, route, options)` or `auth.hook(request, options)`
`auth.hook()` hooks directly into the request life cycle. It authenticates the request using the provided token.
The `request` option is an instance of [`@octokit/request`](https://github.com/octokit/request.js#readme). The `route`/`options` parameters are the same as for the [`request()` method](https://github.com/octokit/request.js#request).
`auth.hook()` can be called directly to send an authenticated request
```js
const { data: authorizations } = await auth.hook(
request,
"GET /authorizations"
);
```
Or it can be passed as option to [`request()`](https://github.com/octokit/request.js#request).
```js
const requestWithAuth = request.defaults({
request: {
hook: auth.hook
}
});
const { data: authorizations } = await requestWithAuth("GET /authorizations");
```
## Find more information
`createTokenAuth` does not send any requests, it only transforms the provided token string into an authentication object.
`auth()` does not send any requests, it only transforms the provided token string into an authentication object.
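Review bot: The `auth.hook()` section says the hook "authenticates the request using the provided token" but does not say what happens to an `authorization` header the caller already set in `options`, and it does not point out that an instance built with `request.defaults({ request: { hook: auth.hook } })` attaches the token to every route that instance is used for. Both should be documented here, since readers will reuse `requestWithAuth` widely. The two snippets also use `auth` and `request` without showing where they come from; a one-line `const auth = createTokenAuth(TOKEN)` and the `@octokit/request` import would make them copy-pasteable.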

@@ -157,24 +184,19 @@ Here is a list of things you can do to retrieve further information

```js
import { createTokenAuth } from "@octokit/auth-token";
import { request } from "@octokit/request";
const TOKEN = "1234567890abcdef1234567890abcdef12345678";
(async () => {
const auth = createTokenAuth(TOKEN);
const authentication = await auth();
const auth = createTokenAuth(TOKEN);
const authentication = await auth();
const response = await request("HEAD /", {
headers: authentication.headers
});
const scopes = response.headers["x-oauth-scopes"].split(/,\s+/);
const response = await request("HEAD /", {
headers: authentication.headers
});
const scopes = response.headers["x-oauth-scopes"].split(/,\s+/);
if (scopes.length) {
console.log(
`"${TOKEN}" has ${scopes.length} scopes enabled: ${scopes.join(", ")}`
);
} else {
console.log(`"${TOKEN}" has no scopes enabled`);
}
})();
if (scopes.length) {
console.log(
`"${TOKEN}" has ${scopes.length} scopes enabled: ${scopes.join(", ")}`
);
} else {
console.log(`"${TOKEN}" has no scopes enabled`);
}
```
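Review bot: `response.headers["x-oauth-scopes"].split(/,\s+/)` throws a TypeError when the header is absent and yields `[""]` (length 1) when the header is empty, so the "has no scopes enabled" branch is unreachable as written. Guard the header and drop empty entries before testing `scopes.length`. Both `console.log` calls also print the full `TOKEN`; log a label or a short prefix instead so the credential does not end up in terminal history or CI logs. With the `(async () => { ... })()` wrapper gone the snippet depends on top-level `await`, which is worth stating in the surrounding text.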

@@ -185,24 +207,19 @@

```js
import { createTokenAuth } from "@octokit/auth-token";
import { request } from "@octokit/request";
const TOKEN = "1234567890abcdef1234567890abcdef12345678";
(async () => {
const auth = createTokenAuth(TOKEN);
const authentication = await auth();
const auth = createTokenAuth(TOKEN);
const authentication = await auth();
const response = await request("HEAD /", {
headers: authentication.headers
});
const clientId = response.headers["x-oauth-client-id"];
const response = await request("HEAD /", {
headers: authentication.headers
});
const clientId = response.headers["x-oauth-client-id"];
if (clientId) {
console.log(
`"${token}" is an OAuth token, its app’s client_id is ${clientId}.`
);
} else {
console.log(`"${token}" is a personal access token`);
}
})();
if (clientId) {
console.log(
`"${token}" is an OAuth token, its app’s client_id is ${clientId}.`
);
} else {
console.log(`"${token}" is a personal access token`);
}
```
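Review bot: The constant is declared as `TOKEN`, but both template strings interpolate `${token}`, which is never defined in this snippet, so either branch ends in a ReferenceError. Use `${TOKEN}`, or better, do not print the token at all and log only whether a `client_id` was returned. As in the previous example, removing the async wrapper leaves bare top-level `await`.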

@@ -215,24 +232,19 @@

```js
import { createTokenAuth } from "@octokit/auth-token";
import { request } from "@octokit/request";
const TOKEN = "1234567890abcdef1234567890abcdef12345678";
(async () => {
const auth = createTokenAuth(TOKEN);
const authentication = await auth();
const auth = createTokenAuth(TOKEN);
const authentication = await auth();
const response = await request("GET /repos/:owner/:repo", {
owner: 'octocat',
repo: 'hello-world'
headers: authentication.headers
});
const response = await request("GET /repos/:owner/:repo", {
owner: 'octocat',
repo: 'hello-world'
headers: authentication.headers
});
console.log(response.data.permissions)
// {
// admin: true,
// push: true,
// pull: true
// }
})();
console.log(response.data.permissions)
// {
// admin: true,
// push: true,
// pull: true
// }
```
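Review bot: The options object passed to `request("GET /repos/:owner/:repo", ...)` is missing a comma after `repo: 'hello-world'`, so the line `headers: authentication.headers` is a syntax error and the example cannot run. Add the comma; the same defect is present in both the wrapped and unwrapped copies of the call in this hunk, so it was carried over rather than fixed.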

@@ -242,21 +254,18 @@

Both OAuth and installation access tokens can be used for git operations. However when using with an installation, [the token must be prefixed with `x-access-token`](https://developer.github.com/apps/building-github-apps/authenticating-with-github-apps/#http-based-git-access-by-an-installation).
Both OAuth and installation access tokens can be used for git operations. However, when using with an installation, [the token must be prefixed with `x-access-token`](https://developer.github.com/apps/building-github-apps/authenticating-with-github-apps/#http-based-git-access-by-an-installation).
This example is using the [`execa`](https://github.com/sindresorhus/execa) package to run a `git push` command.
```js
import { createTokenAuth } from "@octokit/auth-token";
import { request } from "execa";
const TOKEN = "1234567890abcdef1234567890abcdef12345678";
(async () => {
const auth = createTokenAuth(TOKEN);
const { token, tokenType } = await auth();
const tokenWithPrefix =
tokenType === "installation" ? `x-access-token:${token}` : token;
const auth = createTokenAuth(TOKEN);
const { token, tokenType } = await auth();
const tokenWithPrefix =
tokenType === "installation" ? `x-access-token:${token}` : token;
const repositoryUrl = `https://${tokenWithPrefix}@github.com/octocat/hello-world.git`;
const repositoryUrl = `https://${tokenWithPrefix}@github.com/octocat/hello-world.git`;
const { stdout } = await execa("git", ["push", repositoryUrl]);
console.log(stdout);
})();
const { stdout } = await execa("git", ["push", repositoryUrl]);
console.log(stdout);
```
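Review bot: The import is `import { request } from "execa"`, but the code calls `execa("git", ["push", repositoryUrl])`, so `execa` is undefined at that point; import `execa` itself. Separately, building `https://${tokenWithPrefix}@github.com/...` and passing it as a command-line argument puts the token in the process argument list and in anything that records the command line. The README should at least note that, and ideally show the credential supplied through a git credential helper or `GIT_ASKPASS` rather than embedded in the URL.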

@@ -263,0 +272,0 @@
