从Github获取访问令牌

时间:2017-12-25 10:19:37

标签: javascript node.js jwt github-api

我正在尝试使用NodeJS客户端从Github获取访问令牌。

const axios = require("axios");
var jwt = require("jsonwebtoken");

exports.openedPOST = function openedPOST(req, res) {

// generate jwt
const now = Math.round(Date.now() / 1000);
const payload = {
    // issued at time
    iat: now,
    // expires in 10min
    exp: now + 600,
    // Github app id
    iss: 6700
};

const token = jwt.sign(payload, cert, { algorithm: "RS256" });
console.log(token)

// auth to github
axios({
  method: "get",
  url: "https://api.github.com/app",
  headers: {
    Accept: "application/vnd.github.machine-man-preview+json",
    Authorization: `Bearer ${token}`
  }
})
.then(function(response) {
  console.log(response.data);
})
.catch(function(error) {
  console.warn("Unable to authenticate");
  // The request was made and the server responded with a status code
  // that falls out of the range of 2xx
  if (error.response) {
    console.warn(`Status ${error.response.status}`);
    console.warn(`${error.response.data.message}`);
  }
});

res.status(200).end();

但这只会产生: { "message": "A JSON web token could not be decoded", "documentation_url": "https://developer.github.com/v3" }

我已在https://jwt.io验证了令牌,有效负载符合预期。

1 个答案:

答案 0 :(得分:1)

我得到了这个工作。它主要基于你所拥有的,但有一些调整:

const axios = require("axios");
var fs = require('fs');
var jwt = require("jsonwebtoken");


exports.openedPOST = function openedPOST(req, res) {

  // Private key contents
  var private_key = fs.readFileSync("/path/to/pemfile.pem");
  console.log("private_key: ", private_key);

  // generate jwt
  const now = Math.round(Date.now() / 1000);
  const payload = {
    // issued at time
    iat : now,
    // expires in 10min
    exp : now + (10 * 60),
    // Github app id
    iss : 7233
  };
  console.log("payload: ", payload);

  const token = jwt.sign(payload, private_key, { algorithm: 'RS256' })
  console.log("Token: ", token)

  // auth to github
  var instance = axios({
    method: "get",
    url: "https://api.github.com/app",
    headers: {
      "Accept" : "application/vnd.github.machine-man-preview+json",
      "Authorization" : `Bearer ${token}`
    }
  })
  .then(function(response) {
    console.log("Response: ",response.data);
  })
  .catch(function(error) {
    console.warn("Unable to authenticate");
    // The request was made and the server responded with a status code
    // that falls out of the range of 2xx
    if (error.response) {
      console.warn(`Status ${error.response.status}`);
      console.warn(`${error.response.data.message}`);
    }
  });
};
exports.openedPOST();

我的主要问题是生成了private_key变量。 Alos,我将600更改为(10 * 60)因为我在调查的一个阶段遇到了不同的错误,但事实证明这不是问题所在。你在那里所拥有的并不重要,所以我离开了它。

我做的另一个更改是将axios分配给变量。我对node.js比较新,所以不确定为什么要这么做但是怀疑它与node.js的同步/异步方面有关。

相关问题
最新问题