Skip to content

Commit 35cda84

Browse files
githubofkrishnadhasgithubofkrishnadhas
authored
Merge pull request #4 from githubofkrishnadhas/feature/instalation-token
finishing github app installtion token
2 parents f8a7ce2 + 49053d3 commit 35cda84

File tree

5 files changed

+89
-12
lines changed

5 files changed

+89
-12
lines changed

.dockerignore

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,4 @@
11
LICENSE
22
README.md
33
.gitignore
4+

Pipfile

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -4,9 +4,12 @@ verify_ssl = true
44
name = "pypi"
55

66
[packages]
7-
jwt = "==1.3.1"
87
requests = "==2.32.2"
8+
jwt = "==1.3.1"
9+
cryptography = "==42.0.5"
910

11+
[dev-packages]
12+
python-dotenv = "==1.0.1"
1013

1114
[requires]
12-
python_version = "3"
15+
python_version = "3"

Pipfile.lock

Lines changed: 17 additions & 5 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

README.md

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,2 +1,7 @@
11
# github-access-using-githubapp
22
github-access-using-githubapp
3+
4+
5+
# Reference
6+
7+
[generating-an-installation-access-token](https://docs.github.com/en/apps/creating-github-apps/authenticating-with-a-github-app/generating-an-installation-access-token-for-a-github-app#generating-an-installation-access-token)

generate_jwt.py

Lines changed: 61 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,8 @@
22
import time
33
import argparse
44
import os
5-
5+
import requests
6+
from dotenv import load_dotenv
67

78
def create_jwt(private_key, app_id):
89
"""
@@ -12,7 +13,7 @@ def create_jwt(private_key, app_id):
1213
:return:
1314
"""
1415
# Open PEM
15-
# with open(pem_path, 'rb') as pem_file:
16+
# with open(private_key, 'rb') as pem_file:
1617
# signing_key = jwk_from_pem(pem_file.read())
1718
signing_key = jwk_from_pem(private_key.encode('utf-8'))
1819

@@ -30,27 +31,82 @@ def create_jwt(private_key, app_id):
3031
encoded_jwt = jwt_instance.encode(payload, signing_key, alg='RS256')
3132

3233
# Set JWT as environment variable
33-
os.environ["GITHUB_JWT"] = encoded_jwt
34+
# os.environ["GITHUB_JWT"] = encoded_jwt
3435

35-
print(f"JWT set as environment variable: JWT={encoded_jwt}")
36+
# print(f"JWT token created successfully")
3637
return encoded_jwt
3738

39+
def get_app_installation_id(jwt:str, github_account_type:str):
40+
"""
41+
returns github app installation id on user and org accounts
42+
:param jwt:
43+
:return:
44+
"""
45+
GITHUB_REPOSITORY = os.getenv('GITHUB_REPOSITORY')
46+
GITHUB_REPOSITORY_OWNER = os.getenv('GITHUB_REPOSITORY_OWNER')
47+
org_url = f'https://api.github.com/repos/{GITHUB_REPOSITORY}/installation'
48+
user_url = f'https://api.github.com/users/{GITHUB_REPOSITORY_OWNER}/installation'
49+
if github_account_type == 'user':
50+
url = user_url
51+
else:
52+
url = org_url
53+
headers = {
54+
"Accept": "application/vnd.github+json",
55+
"Authorization": f"Bearer {jwt}",
56+
"X-GitHub-Api-Version": "2022-11-28"
57+
}
58+
response = requests.get(url= url, headers=headers)
59+
60+
if response.status_code == 200:
61+
print(f'Okay. Received proper response.Got installation id')
62+
response_json = response.json()
63+
elif response.status_code == 301:
64+
print(f'Moved permanently. Cant get a response')
65+
else:
66+
print(f'Resource Not Found!')
67+
68+
# Installation id of github app
69+
installation_id = response_json['id']
70+
return installation_id
71+
72+
def generate_token_by_post_call(installation_id:int, jwt:str):
73+
"""
74+
create a app installation token by doing a rest api post call with permissions for application
75+
:return:
76+
"""
77+
url = f'https://api.github.com/app/installations/{installation_id}/access_tokens'
78+
headers = {
79+
"Accept": "application/vnd.github+json",
80+
"Authorization": f"Bearer {jwt}",
81+
"X-GitHub-Api-Version": "2022-11-28"
82+
}
83+
response = requests.post(url=url, headers=headers)
84+
response_json = response.json()
85+
if response.status_code == 201:
86+
print(f'Github app installation token generate succcessfully, expires at {response_json["expires_at"]}')
87+
os.environ['GH_TOKEN'] = response_json['token']
3888

3989
def main():
4090
"""
4191
to test the code
4292
:return:
4393
"""
94+
load_dotenv()
4495
parser = argparse.ArgumentParser(description="Create JWT for GitHub App authentication")
4596
parser.add_argument("--github_app_private_key",required=True, type=str, help="Github App Private key")
97+
parser.add_argument("--github_account_type",required=True, choices=['user','organization'], help="Github account whether user account ot github org")
4698
parser.add_argument("--github_app_id",required=True, type=str, help="Your GitHub App ID")
4799
args = parser.parse_args()
48100

49101
private_key = args.github_app_private_key
50102
app_id = args.github_app_id
103+
github_account_type = args.github_account_type
51104

52105
# function call
53-
create_jwt(private_key, app_id)
106+
jwt = create_jwt(private_key=private_key, app_id=app_id)
107+
installation_id = get_app_installation_id(jwt=jwt, github_account_type=github_account_type)
108+
generate_token_by_post_call(installation_id=installation_id, jwt=jwt)
109+
54110

55111
if __name__ == "__main__":
56112
main()

0 commit comments

Comments
 (0)