Contents

# frozen_string_literal: true

require 'jwt'
require "uri"
require 'openssl'

require "github_authentication/http"

module GithubAuthentication
  module Generator
    class App
      attr_reader :app_id, :installation_id

      def initialize(pem:, installation_id:, app_id:)
        @private_key = OpenSSL::PKey::RSA.new(pem)
        @installation_id = installation_id
        @app_id = app_id
      end

      def generate
        url = "https://api.github.com/app/installations/#{installation_id}/access_tokens"
        response = Http.post(url) do |request|
          request["Authorization"] = "Bearer #{jwt}"
          request["Accept"] = "application/vnd.github.machine-man-preview+json"
          request
        end

        unless response.is_a?(Net::HTTPSuccess)
          raise TokenGeneratorError, "[#{response.code}] #{response.body}"
        end

        Token.from_json(response.body)
      end

      private

      def jwt
        payload = {
          # issued at time
          iat: Time.now.utc.to_i,
          # JWT expiration time (10 minute maximum)
          exp: Time.now.utc.to_i + (10 * 60),
          # GitHub App's identifier
          iss: app_id,
        }
        JWT.encode(payload, @private_key, "RS256")
      end
    end
  end
end

Version data entries

3 entries across 3 versions & 1 rubygems

Version	Path
github-authentication-1.0.2	lib/github_authentication/generator/app.rb
github-authentication-1.0.1	lib/github_authentication/generator/app.rb
github-authentication-1.0.0	lib/github_authentication/generator/app.rb