gpt4 book ai didi

How to access a private repository using a GitHub App with OAuth?(如何使用带有OAuth的GitHub应用程序访问私有存储库?)

转载 作者:bug小助手 更新时间:2023-10-25 11:34:53 28 4
gpt4 key购买 nike



My goal is to be able to list and access private repositories of a user.

我的目标是能够列出和访问用户的私有存储库。


For this, I've set up a GitHub App to perform some tasks as an app. I have also enabled the OAuth capability of my app. I want to make clear that this is a GitHub App with OAuth capabilities, not an OAuth App itself.

为此,我设置了一个GitHub应用程序来执行一些应用程序的任务。我还启用了我的应用程序的OAuth功能。我想澄清的是,这是一个具有OAuth功能的GitHub应用程序,而不是OAuth应用程序本身。


In the registered callback, I obtain an installation_id that allows me to execute actions on behalf of the app. Additionally, I receive a code which I then exchange for a valid authorization key to execute actions on behalf of the user.

在注册的回调中,我获得了一个安装ID,它允许我代表应用程序执行操作。此外,我还会收到一个代码,然后将其交换为有效的授权密钥,以代表用户执行操作。


Despite my attempts to request all repositories using either the installation ID or the authorization code, I'm only able to access public repositories. It appears that private repositories can only be accessed through a Personal Access Token (PAT) or, maybe a dedicated OAuth App. Am I missing something?

尽管我尝试使用安装ID或授权码请求所有存储库,但我只能访问公共存储库。私人存储库似乎只能通过个人访问令牌(PAT)或专用的OAuth应用程序访问。我是不是遗漏了什么?


更多回答
优秀答案推荐

Listing accessible repos as an app is a two step process:

将可访问的回购作为应用程序列出是一个分两步进行的过程:



  1. Get an Installation Access Token from https://api.github.com/app/installations/{installation_id}/access_tokens, authenticating as the App (Bearer authorization, and a JWT signed by the App Private Key. The Installation Access Token expires 1 hour after issuance.



  2. Use the Installation Access Token as Bearer authorization token to query one of the available API endpoints, such as /installation/repositories




You won't be able to list the user's private repositories, but only those he granted your app access to. The that list of repos may include some private repositories, but the app will not have access to private repos it was not granted access to.

您不能列出用户的私人存储库,但只能列出他授予您的应用程序访问权限的存储库。Repos列表可能包括一些私人存储库,但该应用程序将无法访问它未被授予访问权限的私人Repos。


You can access the repos themselves as an app for clone/fetch/etc using an url like "https://x-access-token:{intallation_access_token}@{reponame}".

您可以使用像“https://x-access-token:{intallation_access_token}@{reponame}”.这样的URL将Repos本身作为应用程序进行克隆/获取等访问


更多回答

Thanks for the explanation. Unfortunately I did add the private repository to the accessible repos, but it still skips it. I found multiple other people having the same issue and switching to Github OAuth seem to have fixed the issue. It's a minimally different flow, but still.

谢谢你的解释。不幸的是,我确实将私有存储库添加到了可访问的repos中,但它仍然跳过它。我发现许多其他人也有同样的问题,他们改用Github OAuth似乎已经解决了这个问题。这是一种差异最小的流动,但仍是如此。

I use this exact recipe for my app and the listing returned is correct (matches the list of repos where the app is enabled, which is a mix of private and public repos), so I can confirm that the procedure, as documented by GitHub, does work.

我对我的应用程序使用了这个配方,返回的列表是正确的(与应用程序启用的repos列表匹配,这是私人和公共repos的混合),所以我可以确认GitHub记录的程序确实有效。

@DanielStephens make sure to query the /installation/respositories endpoint ("List repositories accessible to the app installation") and not /users/{username}/repos ("List repositories for a user")

@DanielStephens确保查询/Installation/respositories端点(“列出应用程序安装可访问的存储库”),而不是/USERS/{用户名}/repos(“列出用户的存储库”)

That makes absolutely sense, merci!

这完全说得通,谢谢!

28 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com