Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[QUESTION] How to use with GitHub Apps? #163

Open
LarryBarker opened this issue Jun 9, 2024 · 0 comments
Open

[QUESTION] How to use with GitHub Apps? #163

LarryBarker opened this issue Jun 9, 2024 · 0 comments

Comments

@LarryBarker
Copy link

Hey there, thank you for sharing this package - it has been tremendously helpful! I'm wondering if you can provide some general guidance or help answer some questions about how to integrate a GitHub App with my Laravel app?

For context, I was using Laravel Socialite to provide oauth authentication, and then piggybacking off this and using the oauth token to work with my users pull requests, comments, etc. and based on their feedback, they prefer these actions to come from the app itself, instead of their account. For example, when my app leaves a comment on their PR, it appears as if the user left the comment, instead of my app.

I have started researching and testing GitHub Apps, and have run into a couple issues and would greatly appreciate any feedback you may have.

I do have a working proof of concept, although it seems a bit "hacky" and I want to see if you have any recommendations on a better approach? So here's what I'm doing currently:

  1. I found this doc in the KnpLaps repo: https://github.com/KnpLabs/php-github-api/blob/v3.14.0/doc/security.md#authenticating-as-an-integration
  2. I am basically using this to generate my JWT token, and then using the same package to generate an installation token: https://github.com/KnpLabs/php-github-api/blob/v3.14.0/doc/apps.md#create-a-new-installation-token
  3. Next, using the installation token, I am using Laravel's HTTP facade to make a request, rather than your package:
$builder = new Builder();
    $github = new Client($builder, 'machine-man-preview');
    $config = Configuration::forSymmetricSigner(
        new Sha256(),
        InMemory::file('/Users/larry/Herd/glimpse/private-key.pem')
    );

    $now = new \DateTimeImmutable();
    $jwt = $config->builder(ChainedFormatter::withUnixTimestampDates())
        ->issuedBy('914264')
        ->issuedAt($now)
        ->expiresAt($now->modify('+1 minute'))
        ->getToken($config->signer(), $config->signingKey());

    $github->authenticate($jwt->toString(), null, AuthMethod::JWT);
    $token = $github->api('apps')->createInstallationToken(51661655);


    $response = Http::withToken($token['token'])
                ->post('https://github.com/gitapi/repos/'...);

I would love to continue using your package if possible, just not sure how to do so at this point?

I have tried using other connection methods, including app, private, and jwt but continue to face the Bad credentials error from GitHub.

Again, thank you for your work here, and I look forward to your reply in either case 🙏
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@LarryBarker