I'm trying to post an issue on GitHub with the GitHub API.
I looked at the API documentation,
https://developer.github.com/v3/issues/#create-an-issue
but I can't figure out where the account information should go in the request body.
How should I authenticate this request?
You can see example of scripts posting issues in:
"'mapserver-trac-importer" (authentication github_post, with user/password)
"simple basic-auth node github api" (authentication here, with user/password)
".bashrc" (authentication in curl, with oauth)
As described in API V3 authentication, you can either user username/password, or an oauth token.
Note that if you have activated the 2FA (2 Form Authentication), you will need an oauth token.
I prefer oauth anyway, because you can revoke the token at any time (token that you can create just for this script), without having the hassle to change your password (which you could use in multiple other instances).
Related
I made user authorizztion via GitHub OAuth. So now I'm trying to make a log out func. According to GitHub I can do it via revoking access token (https://docs.github.com/en/rest/reference/apps#delete-an-app-authorization). But this endpoint throws 404 all the time and according to the API main page (https://api.github.com/) there is no such endpoint at all. Found similar questions but without solutions.
Remove/revoke GitHub OAuth 'access_token'
GitHub OAuth logout or revoke of token
In the Google Actions panel we can enable account linking. We can also specify Authorization URL (Endpoint for your sign-in web page that supports OAuth2 code or implicit flows) and Token URL (OAuth2 endpoint for token exchange). Endpoints configuration image
I don't see any configuration options for Token revocation endpoint, and this possibility is described in the documentation: https://developers.google.com/identity/account-linking/unlinking#token_revocation_endpoint
If you support an OAuth 2.0 token revocation endpoint, your platform can receive notifications from Google. This lets you inform users of link state changes, invalidate a token, and cleanup security credentials and authorization grants.
Where can I set Token revocation endpoint to receive requests when a user deletes a Google Account link directly in their account?
Does Github support OAuth 20 resource owner password credential grant type? I know you can use basic authentication for CLI to login with Github account. The basic authentication can be used to directly request all sorts of user data (like emails, teams, etc). I am curiously to know if CL can request an OAuth access_token by using ROPC, then uses access_token (similar to authorization code grant type) to request user data.
Github's oAuth implementation only supports authorization code grant type. As an alternative (and similar to CLI), you can retrieve a personal access token via basic auth, then use the token for subsequent resource access.
Is it possible to authenticate and get the access token only using CLI? I don't have a browser (for the OAuth2 consent part) and i need to authenticate and request resources using the REST API.
The short answer is no. Google OAuth for User Credentials is performed by a web browser.
If you also have a Google Cloud account, there are ways to create OAuth Access Tokens, but these are short-lived (3600 seconds). Then there is G Suite Domain-Wide delegation that uses a Google Cloud Service Account.
I wrote an article on how to do OAuth using curl but this still requires a web browser, but you can save the tokens and use on a remote device. link.
I am working on an iPhone app in which I am using github api.
To access github I am using Oauth with web application flow. Means First It opens login screen then I give username & password.
But now I want to use OAuth with password grant type. It means I want to access directly with providing username & password in request URL, (No separate login screen).
How its possible? Can anybody help me ?
As described on github developer documentation for Non-Web Application Flow you will need to create a new authorization.
Example:
curl https://api.github.com/authorizations \
--user "put_username_here" \
--data '{"scopes":["user"], "client_id":"your_client_id", "client_secret":"your_client_secret}'
This will prompt you for github password and return oAuth token as a response.
For information on how to do HTTP basic authentication on iPhone, check this link.