Skip to content

Commit

Permalink
Add : Organization PAT installation
Browse files Browse the repository at this point in the history 
In the article "[Organization APIs for fine-grained PATs management](https://github.blog/changelog/2023-03-24-organization-apis-for-fine-grained-pats-management/)", following new 2 permissions are added to GitHub Apps

- organization_personal_access_tokens
- organization_personal_access_token_requests

These permissions are used for getting and updating GitHub Organization's Fine-grained PAT's lists, requests, revokes.

[APIs of Organization permissions for "Personal access tokens"](https://docs.github.com/en/rest/authentication/permissions-required-for-github-apps?apiVersion=2022-11-28#organization-permissions-for-personal-access-tokens)
[APIs of Organization permissions for "Personal access token requests"](https://docs.github.com/en/rest/authentication/permissions-required-for-github-apps?apiVersion=2022-11-28#organization-permissions-for-personal-access-token-requests)

We can test these permissions following test codes, and successfully I got installation token from GitHub.

```go
package main

import (
	"context"
	"log"
	"net/http"

	"github.com/bradleyfalzon/ghinstallation/v2"
	"github.com/google/go-github/v64/github"
)

func main() {
	ctx := context.Background()
	tr := http.DefaultTransport
	itr, err := ghinstallation.NewAppsTransportKeyFromFile(tr, <your-app-id>, <your-private-key-path>)
	if err != nil {
		log.Fatal(err)
	}
	client := github.NewClient(&http.Client{Transport: itr})
	token, _, err := client.Apps.CreateInstallationToken(
		ctx,
		<your-installation-id>,
		&github.InstallationTokenOptions{
			Permissions: &github.InstallationPermissions{
				OrganizationPersonalAccessTokens:        github.String("read"),
				OrganizationPersonalAccessTokenRequests: github.String("read"),
			},
		})
	if err != nil {
		log.Fatal(err)
	}
	log.Println(token.GetToken())
}
```

Signed-off-by: Hi120ki <[email protected]>
  • Loading branch information
@hi120ki
hi120ki committed Aug 21, 2024
1 parent de03f7b commit 4fdc290
Show file tree
Hide file tree
Showing 2 changed files with 80 additions and 74 deletions.
82 changes: 42 additions & 40 deletions github/apps.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -77,46 +77,48 @@ type InstallationTokenListRepoOptions struct {
// https://docs.github.com/[email protected]/rest/apps#create-an-installation-access-token-for-an-app
// https://docs.github.com/rest/apps#create-an-installation-access-token-for-an-app
type InstallationPermissions struct {
Actions *string `json:"actions,omitempty"`
ActionsVariables *string `json:"actions_variables,omitempty"`
Administration *string `json:"administration,omitempty"`
Blocking *string `json:"blocking,omitempty"`
Checks *string `json:"checks,omitempty"`
Contents *string `json:"contents,omitempty"`
ContentReferences *string `json:"content_references,omitempty"`
Deployments *string `json:"deployments,omitempty"`
Emails *string `json:"emails,omitempty"`
Environments *string `json:"environments,omitempty"`
Followers *string `json:"followers,omitempty"`
Issues *string `json:"issues,omitempty"`
Metadata *string `json:"metadata,omitempty"`
Members *string `json:"members,omitempty"`
OrganizationAdministration *string `json:"organization_administration,omitempty"`
OrganizationCustomProperties *string `json:"organization_custom_properties,omitempty"`
OrganizationCustomRoles *string `json:"organization_custom_roles,omitempty"`
OrganizationCustomOrgRoles *string `json:"organization_custom_org_roles,omitempty"`
OrganizationHooks *string `json:"organization_hooks,omitempty"`
OrganizationPackages *string `json:"organization_packages,omitempty"`
OrganizationPlan *string `json:"organization_plan,omitempty"`
OrganizationPreReceiveHooks *string `json:"organization_pre_receive_hooks,omitempty"`
OrganizationProjects *string `json:"organization_projects,omitempty"`
OrganizationSecrets *string `json:"organization_secrets,omitempty"`
OrganizationSelfHostedRunners *string `json:"organization_self_hosted_runners,omitempty"`
OrganizationUserBlocking *string `json:"organization_user_blocking,omitempty"`
Packages *string `json:"packages,omitempty"`
Pages *string `json:"pages,omitempty"`
PullRequests *string `json:"pull_requests,omitempty"`
RepositoryHooks *string `json:"repository_hooks,omitempty"`
RepositoryProjects *string `json:"repository_projects,omitempty"`
RepositoryPreReceiveHooks *string `json:"repository_pre_receive_hooks,omitempty"`
Secrets *string `json:"secrets,omitempty"`
SecretScanningAlerts *string `json:"secret_scanning_alerts,omitempty"`
SecurityEvents *string `json:"security_events,omitempty"`
SingleFile *string `json:"single_file,omitempty"`
Statuses *string `json:"statuses,omitempty"`
TeamDiscussions *string `json:"team_discussions,omitempty"`
VulnerabilityAlerts *string `json:"vulnerability_alerts,omitempty"`
Workflows *string `json:"workflows,omitempty"`
Actions *string `json:"actions,omitempty"`
ActionsVariables *string `json:"actions_variables,omitempty"`
Administration *string `json:"administration,omitempty"`
Blocking *string `json:"blocking,omitempty"`
Checks *string `json:"checks,omitempty"`
Contents *string `json:"contents,omitempty"`
ContentReferences *string `json:"content_references,omitempty"`
Deployments *string `json:"deployments,omitempty"`
Emails *string `json:"emails,omitempty"`
Environments *string `json:"environments,omitempty"`
Followers *string `json:"followers,omitempty"`
Issues *string `json:"issues,omitempty"`
Metadata *string `json:"metadata,omitempty"`
Members *string `json:"members,omitempty"`
OrganizationAdministration *string `json:"organization_administration,omitempty"`
OrganizationCustomProperties *string `json:"organization_custom_properties,omitempty"`
OrganizationCustomRoles *string `json:"organization_custom_roles,omitempty"`
OrganizationCustomOrgRoles *string `json:"organization_custom_org_roles,omitempty"`
OrganizationHooks *string `json:"organization_hooks,omitempty"`
OrganizationPackages *string `json:"organization_packages,omitempty"`
OrganizationPersonalAccessTokens *string `json:"organization_personal_access_tokens,omitempty"`
OrganizationPersonalAccessTokenRequests *string `json:"organization_personal_access_token_requests,omitempty"`
OrganizationPlan *string `json:"organization_plan,omitempty"`
OrganizationPreReceiveHooks *string `json:"organization_pre_receive_hooks,omitempty"`
OrganizationProjects *string `json:"organization_projects,omitempty"`
OrganizationSecrets *string `json:"organization_secrets,omitempty"`
OrganizationSelfHostedRunners *string `json:"organization_self_hosted_runners,omitempty"`
OrganizationUserBlocking *string `json:"organization_user_blocking,omitempty"`
Packages *string `json:"packages,omitempty"`
Pages *string `json:"pages,omitempty"`
PullRequests *string `json:"pull_requests,omitempty"`
RepositoryHooks *string `json:"repository_hooks,omitempty"`
RepositoryProjects *string `json:"repository_projects,omitempty"`
RepositoryPreReceiveHooks *string `json:"repository_pre_receive_hooks,omitempty"`
Secrets *string `json:"secrets,omitempty"`
SecretScanningAlerts *string `json:"secret_scanning_alerts,omitempty"`
SecurityEvents *string `json:"security_events,omitempty"`
SingleFile *string `json:"single_file,omitempty"`
Statuses *string `json:"statuses,omitempty"`
TeamDiscussions *string `json:"team_discussions,omitempty"`
VulnerabilityAlerts *string `json:"vulnerability_alerts,omitempty"`
Workflows *string `json:"workflows,omitempty"`
}

// InstallationRequest represents a pending GitHub App installation request.
Expand Down
72 changes: 38 additions & 34 deletions github/apps_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -149,6 +149,8 @@ func TestAppsService_ListInstallations(t *testing.T) {
"organization_custom_roles": "write",
"organization_hooks": "write",
"organization_packages": "write",
"organization_personal_access_tokens": "read",
"organization_personal_access_token_requests": "read",
"organization_plan": "read",
"organization_pre_receive_hooks": "write",
"organization_projects": "read",
Expand Down Expand Up @@ -197,40 +199,42 @@ func TestAppsService_ListInstallations(t *testing.T) {
SingleFileName: String("config.yml"),
RepositorySelection: String("selected"),
Permissions: &InstallationPermissions{
Actions: String("read"),
Administration: String("read"),
Checks: String("read"),
Contents: String("read"),
ContentReferences: String("read"),
Deployments: String("read"),
Environments: String("read"),
Issues: String("write"),
Metadata: String("read"),
Members: String("read"),
OrganizationAdministration: String("write"),
OrganizationCustomRoles: String("write"),
OrganizationHooks: String("write"),
OrganizationPackages: String("write"),
OrganizationPlan: String("read"),
OrganizationPreReceiveHooks: String("write"),
OrganizationProjects: String("read"),
OrganizationSecrets: String("read"),
OrganizationSelfHostedRunners: String("read"),
OrganizationUserBlocking: String("write"),
Packages: String("read"),
Pages: String("read"),
PullRequests: String("write"),
RepositoryHooks: String("write"),
RepositoryProjects: String("read"),
RepositoryPreReceiveHooks: String("read"),
Secrets: String("read"),
SecretScanningAlerts: String("read"),
SecurityEvents: String("read"),
SingleFile: String("write"),
Statuses: String("write"),
TeamDiscussions: String("read"),
VulnerabilityAlerts: String("read"),
Workflows: String("write")},
Actions: String("read"),
Administration: String("read"),
Checks: String("read"),
Contents: String("read"),
ContentReferences: String("read"),
Deployments: String("read"),
Environments: String("read"),
Issues: String("write"),
Metadata: String("read"),
Members: String("read"),
OrganizationAdministration: String("write"),
OrganizationCustomRoles: String("write"),
OrganizationHooks: String("write"),
OrganizationPackages: String("write"),
OrganizationPersonalAccessTokens: String("read"),
OrganizationPersonalAccessTokenRequests: String("read"),
OrganizationPlan: String("read"),
OrganizationPreReceiveHooks: String("write"),
OrganizationProjects: String("read"),
OrganizationSecrets: String("read"),
OrganizationSelfHostedRunners: String("read"),
OrganizationUserBlocking: String("write"),
Packages: String("read"),
Pages: String("read"),
PullRequests: String("write"),
RepositoryHooks: String("write"),
RepositoryProjects: String("read"),
RepositoryPreReceiveHooks: String("read"),
Secrets: String("read"),
SecretScanningAlerts: String("read"),
SecurityEvents: String("read"),
SingleFile: String("write"),
Statuses: String("write"),
TeamDiscussions: String("read"),
VulnerabilityAlerts: String("read"),
Workflows: String("write")},
Events: []string{"push", "pull_request"},
CreatedAt: &date,
UpdatedAt: &date,
Expand Down

0 comments on commit 4fdc290

Please sign in to comment.