Last active
November 15, 2024 15:35
-
-
Save magickatt/22d764446fae5b40b5af981e0b27da4f to your computer and use it in GitHub Desktop.
Revisions
-
magickatt revised this gist
Nov 15, 2024 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,6 +1,6 @@ #!/usr/bin/env bash # Combination of generating the JWT and the token # https://docs.github.com/en/apps/creating-github-apps/authenticating-with-a-github-app/generating-a-json-web-token-jwt-for-a-github-app#generating-a-json-web-token-jwt # https://docs.github.com/en/apps/creating-github-apps/authenticating-with-a-github-app/authenticating-as-a-github-app#using-a-json-web-token-jwt-to-authenticate-as-a-github-app # https://docs.github.com/en/apps/creating-github-apps/authenticating-with-a-github-app/generating-an-installation-access-token-for-a-github-app#generating-an-installation-access-token -
Nov 14, 2024 . 1 changed file with 2 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -9,6 +9,7 @@ set -o pipefail client_id=$GITHUB_APP_ID install_id=$GITHUB_INSTALL_ID pem=$GITHUB_APP_PEM now=$(date +%s) @@ -50,7 +51,7 @@ printf '%s\n' "JWT: $jwt" # Create token (requires the JWT) token=$(curl --request POST --silent \ --url "https://api.github.com/app/installations/$install_id/access_tokens" \ --header "Accept: application/vnd.github+json" \ --header "Authorization: Bearer $jwt" \ --header "X-GitHub-Api-Version: 2022-11-28" | jq .token --raw-output) -
Nov 14, 2024 . 1 changed file with 1 addition and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,4 +1,5 @@ #!/usr/bin/env bash # Combination of generating the JWT and using it with the GitHub API # https://docs.github.com/en/apps/creating-github-apps/authenticating-with-a-github-app/generating-a-json-web-token-jwt-for-a-github-app#generating-a-json-web-token-jwt # https://docs.github.com/en/apps/creating-github-apps/authenticating-with-a-github-app/authenticating-as-a-github-app#using-a-json-web-token-jwt-to-authenticate-as-a-github-app -
Nov 14, 2024 . 1 changed file with 14 additions and 3 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -2,6 +2,8 @@ # Combination of generating the JWT and using it with the GitHub API # https://docs.github.com/en/apps/creating-github-apps/authenticating-with-a-github-app/generating-a-json-web-token-jwt-for-a-github-app#generating-a-json-web-token-jwt # https://docs.github.com/en/apps/creating-github-apps/authenticating-with-a-github-app/authenticating-as-a-github-app#using-a-json-web-token-jwt-to-authenticate-as-a-github-app # https://docs.github.com/en/apps/creating-github-apps/authenticating-with-a-github-app/generating-an-installation-access-token-for-a-github-app#generating-an-installation-access-token # https://docs.github.com/en/apps/creating-github-apps/authenticating-with-a-github-app/authenticating-as-a-github-app-installation set -o pipefail @@ -14,7 +16,7 @@ exp=$((${now} + 600)) # Expires 10 minutes in the future b64enc() { openssl base64 | tr -d '=' | tr '/+' '_-' | tr -d '\n'; } # JWT header header_json='{ "typ":"JWT", "alg":"RS256" @@ -39,8 +41,17 @@ curl_status=$(curl --request GET --silent --output /dev/null \ --write-out "%{http_code}" \ --url "https://api.github.com/app/installations" \ --header "Accept: application/vnd.github+json" \ --header "Authorization: Bearer $jwt" \ --header "X-GitHub-Api-Version: 2022-11-28") echo "GitHub App JWT API test response code: ${curl_status}" printf '%s\n' "JWT: $jwt" # Create token (requires the JWT) token=$(curl --request POST --silent \ --url "https://api.github.com/app/installations/$client_id/access_tokens" \ --header "Accept: application/vnd.github+json" \ --header "Authorization: Bearer $jwt" \ --header "X-GitHub-Api-Version: 2022-11-28" | jq .token --raw-output) printf '%s\n' "Token: ${token}" -
Nov 14, 2024 . 1 changed file with 3 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,4 +1,7 @@ #!/usr/bin/env bash # Combination of generating the JWT and using it with the GitHub API # https://docs.github.com/en/apps/creating-github-apps/authenticating-with-a-github-app/generating-a-json-web-token-jwt-for-a-github-app#generating-a-json-web-token-jwt # https://docs.github.com/en/apps/creating-github-apps/authenticating-with-a-github-app/authenticating-as-a-github-app#using-a-json-web-token-jwt-to-authenticate-as-a-github-app set -o pipefail -
Nov 14, 2024 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,43 @@ #!/usr/bin/env bash set -o pipefail client_id=$GITHUB_APP_ID pem=$GITHUB_APP_PEM now=$(date +%s) iat=$((${now} - 60)) # Issues 60 seconds in the past exp=$((${now} + 600)) # Expires 10 minutes in the future b64enc() { openssl base64 | tr -d '=' | tr '/+' '_-' | tr -d '\n'; } # Header header_json='{ "typ":"JWT", "alg":"RS256" }' header=$( echo -n "${header_json}" | b64enc ) payload_json="{ \"iat\":${iat}, \"exp\":${exp}, \"iss\":\"${client_id}\" }" payload=$( echo -n "${payload_json}" | b64enc ) header_payload="${header}"."${payload}" signature=$( openssl dgst -sha256 -sign <(echo -n "${pem}") \ <(echo -n "${header_payload}") | b64enc ) # Create JWT JWT="${header_payload}"."${signature}" curl_status=$(curl --request GET --silent --output /dev/null \ --write-out "%{http_code}" \ --url "https://api.github.com/app/installations" \ --header "Accept: application/vnd.github+json" \ --header "Authorization: Bearer $JWT" \ --header "X-GitHub-Api-Version: 2022-11-28") echo "GitHub App JWT API test response code: ${curl_status}" printf '%s\n' "JWT: $JWT"