我尝试使用Node.js自动执行this page中列出的流程。
到目前为止,我已经提出以下建议:
const axios = require("axios");
var fs = require('fs');
var NodeRSA = require('node-rsa');
var jwt = require("jsonwebtoken");
exports.openedPOST = function openedPOST(req, res) {
// Private key contents
var private_pem = fs.readFileSync("test-runner.pem");
var key = new NodeRSA({b: 512});
var private_key = key.encrypt(private_pem, 'base64');
// generate jwt
const now = Math.round(Date.now() / 1000);
const payload = {
// issued at time
iat : now,
// expires in 10min
exp : now + (10 * 60),
// Github app id
iss : 7233
};
const token = jwt.sign(payload, private_key, { algorithm: 'RS256' })
// auth to github
var instance = axios({
method: "get",
url: "https://api.github.com/app",
headers: {
"Accept" : "application/vnd.github.machine-man-preview+json",
"Authorization" : `Bearer ${token}`
}
})
.then(function(response) {
console.log("Response: ",response.data);
})
.catch(function(error) {
console.warn("Unable to authenticate");
// The request was made and the server responded with a status code
// that falls out of the range of 2xx
if (error.response) {
console.warn(`Status ${error.response.status}`);
console.warn(`${error.response.data.message}`);
}
});
};
exports.openedPOST();
这给了我以下错误:
crypto.js:331
var ret = this._handle.sign(toBuf(key), passphrase, rsaPadding,
^
Error: error:0906D06C:PEM routines:PEM_read_bio:no start line
at Sign.sign (crypto.js:331:26)
at Object.sign (/modules/jwa/index.js:55:45)
at Object.jwsSign [as sign] (/modules/jws/lib/sign-stream.js:23:24)
at Object.module.exports [as sign] (/modules/jsonwebtoken/sign.js:186:16)
at Object.openedPOST (GenerateAccessToken.js:29:21)
at Object.<anonymous> (GenerateAccessToken.js:58:9)
at Module._compile (module.js:635:30)
at Object.Module._extensions..js (module.js:646:10)
at Module.load (module.js:554:32)
at tryModuleLoad (module.js:497:12)
我认为这个问题与private_key代有关,因为当我手动生成一个private_key并硬编码代替jwt.sign(payload, private_key, { algorithm: 'RS256' })时,我得到了我期望的结果。< / p>
关于可能出错的问题的想法是new NodeRSA({b: 512});应该是不同的。我认为它可能是new NodeRSA({b: 256});但是这给了我以下错误:
/Users/paulcarron/Desktop/node_modules/jsonwebtoken/sign.js:97
throw err;
^
Error: secretOrPrivateKey must have a value
at Object.module.exports [as sign] (/modules/jsonwebtoken/sign.js:101:20)
at Object.openedPOST (GenerateAccessToken.js:29:21)
at Object.<anonymous> (GenerateAccessToken.js:58:9)
at Module._compile (module.js:635:30)
at Object.Module._extensions..js (module.js:646:10)
at Module.load (module.js:554:32)
at tryModuleLoad (module.js:497:12)
at Function.Module._load (module.js:489:3)
at Function.Module.runMain (module.js:676:10)
at startup (bootstrap_node.js:187:16)
另一个想法是,test-runner.pem的内容不正确,但确实以-----BEGIN RSA PRIVATE KEY-----开头,以-----END RSA PRIVATE KEY-----结尾。此外,我在手动生成令牌时使用相同的文件。但是,如果我将private_pem写入控制台,则会打印以下内容:
<Buffer 2d 2d 2d 2d 2d 42 45 47 49 4e 20 52 53 41 20 50 52 49 56 41 54 45 20 4b 45 59 2d 2d 2d 2d 2d 0a 4d 49 49 45 6f 77 49 42 41 41 4b 43 41 51 45 41 31 65 ... >
我;我不确定这是否正确。
我做错了什么?
答案 0 :(得分:2)
我得到了这个工作。
const axios = require("axios");
var fs = require('fs');
var jwt = require("jsonwebtoken");
var gitInstallationAccessToken = {
genJWTToken: function() {
// Private key contents
var private_key = fs.readFileSync("./path/to/my/pem_file.pem");
// generate jwt
const now = Math.round(Date.now() / 1000);
const payload = {
// issued at time
iat : now,
// expires in 10min
exp : now + (10 * 60),
// Github app id
iss : 1234
};
const token = jwt.sign(payload, private_key, { algorithm: 'RS256' })
return token;
},
genInstallationAccessToken: function(callback) {
var instance = axios({
method: "post",
url: "https://api.github.com/installations/1234/access_tokens",
headers: {
"Accept" : "application/vnd.github.machine-man-preview+json",
"Authorization" : `Bearer ` + gitInstallationAccessToken.genJWTToken()
}
})
.then(function(response) {
callback(response.data.token);
})
.catch(function(error) {
console.warn("Unable to authenticate");
// The request was made and the server responded with a status code
// that falls out of the range of 2xx
if (error.response) {
console.warn(`Status ${error.response.status}`);
console.warn(`${error.response.data.message}`);
}
});
}
}
module.exports = gitInstallationAccessToken;