jasonbot · April 27, 2023 10:42 · xor2003 · Oct 1, 2019
diff --git a/github_access_token_for_app_install.py b/github_access_token_for_app_install.py
 def get_github3_client():
    """See
    
           https://developer.github.com/apps/building-github-apps/authenticating-with-github-apps/#authenticating-as-a-github-app
    
       for an explanation of how/why this is like it is.
       
       Requires requests, pyjwt, and github3. Make sure you intall a newer
       version of cryptography for pyjwt as well."""

    payload = {
        # issued at time
        'iat': int(time.time()),
        # JWT expiration time (10 minute maximum)
        'exp': int(time.time() + (10 * 60)),
        # GitHub App's identifier
        'iss': str(config.GITHUB_ID)
    }

    url = "https://api.github.com/app"
    jwt_payload = jwt.encode(payload, config.GITHUB.PRIVATE_KEY, algorithm="RS256")
    headers = {"Authorization": "Bearer {jwt}".format(jwt=str(jwt_payload)),
               "Accept": "application/vnd.github.machine-man-preview+json"}

    # Requests "helpfully" clobbers Authentication headers if you don't use your own
    # authentication method. Thanks, requests.
    class CustomJWTAuth(requests.auth.AuthBase):
        def __call__(self, r):
            r.headers['Authorization'] = headers['Authorization']
            return r

    response = requests.get(url, headers=headers, auth=CustomJWTAuth())
    response.raise_for_status()

    installations_url = "https://api.github.com/app/installations"
    installations_response = requests.get(installations_url, headers=headers, auth=CustomJWTAuth())
    installations_response.raise_for_status()

    for item in installations_response.json():
        installation_id = item['id']

        access_tokens_url = "https://api.github.com/app/installations/{installation_id}/access_tokens".format(
            installation_id=installation_id)
        access_tokens_response = requests.post(access_tokens_url, headers=headers, auth=CustomJWTAuth())
        access_tokens_response.raise_for_status()

        token = access_tokens_response.json()['token']
        return github3.login(token=token)

    raise Exception("No app installations")
	def get_github3_client():
	"""See

	https://developer.github.com/apps/building-github-apps/authenticating-with-github-apps/#authenticating-as-a-github-app

	for an explanation of how/why this is like it is.

	Requires requests, pyjwt, and github3. Make sure you intall a newer
	version of cryptography for pyjwt as well."""

	payload = {
	# issued at time
	'iat': int(time.time()),
	# JWT expiration time (10 minute maximum)
	'exp': int(time.time() + (10 * 60)),
	# GitHub App's identifier
	'iss': str(config.GITHUB_ID)
	}

	url = "https://api.github.com/app"
	jwt_payload = jwt.encode(payload, config.GITHUB.PRIVATE_KEY, algorithm="RS256")
	headers = {"Authorization": "Bearer {jwt}".format(jwt=str(jwt_payload)),
	"Accept": "application/vnd.github.machine-man-preview+json"}

	# Requests "helpfully" clobbers Authentication headers if you don't use your own
	# authentication method. Thanks, requests.
	class CustomJWTAuth(requests.auth.AuthBase):
	def __call__(self, r):
	r.headers['Authorization'] = headers['Authorization']
	return r

	response = requests.get(url, headers=headers, auth=CustomJWTAuth())
	response.raise_for_status()

	installations_url = "https://api.github.com/app/installations"
	installations_response = requests.get(installations_url, headers=headers, auth=CustomJWTAuth())
	installations_response.raise_for_status()

	for item in installations_response.json():
	installation_id = item['id']

	access_tokens_url = "https://api.github.com/app/installations/{installation_id}/access_tokens".format(
	installation_id=installation_id)
	access_tokens_response = requests.post(access_tokens_url, headers=headers, auth=CustomJWTAuth())
	access_tokens_response.raise_for_status()

	token = access_tokens_response.json()['token']
	return github3.login(token=token)

	raise Exception("No app installations")
No results found