From 8969925d51f36e83ff457d0dbfc47e056367f57b Mon Sep 17 00:00:00 2001 From: Marius Storhaug Date: Wed, 6 Nov 2024 15:06:11 +0100 Subject: [PATCH 1/3] Update Get-GitHubAppInstallationAccessToken to take pipeline input from Get-GitHubAppInstallation --- src/functions/public/Actions/Stop-GitHubWorkflowRun.ps1 | 1 - .../public/Apps/Get-GitHubAppInstallationAccessToken.ps1 | 9 +++++++-- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/src/functions/public/Actions/Stop-GitHubWorkflowRun.ps1 b/src/functions/public/Actions/Stop-GitHubWorkflowRun.ps1 index ba014cc3e..0d42b6a83 100644 --- a/src/functions/public/Actions/Stop-GitHubWorkflowRun.ps1 +++ b/src/functions/public/Actions/Stop-GitHubWorkflowRun.ps1 @@ -42,5 +42,4 @@ Write-Output $_.Response } } - } diff --git a/src/functions/public/Apps/Get-GitHubAppInstallationAccessToken.ps1 b/src/functions/public/Apps/Get-GitHubAppInstallationAccessToken.ps1 index 058a26e9b..32c47bf07 100644 --- a/src/functions/public/Apps/Get-GitHubAppInstallationAccessToken.ps1 +++ b/src/functions/public/Apps/Get-GitHubAppInstallationAccessToken.ps1 @@ -1,4 +1,4 @@ -function Get-GitHubAppInstallationAccessToken { +filter Get-GitHubAppInstallationAccessToken { <# .SYNOPSIS Create an installation access token for an app @@ -39,7 +39,12 @@ param ( # The unique identifier of the installation. # Example: '12345678' - [Parameter(Mandatory)] + [Parameter( + Mandatory, + ValueFromPipeline, + ValueFromPipelineByPropertyName + )] + [Alias('ID')] [string] $InstallationID ) From 6822a517053b267367a96630f63f967d383236f3 Mon Sep 17 00:00:00 2001 From: Marius Storhaug Date: Wed, 6 Nov 2024 15:11:48 +0100 Subject: [PATCH 2/3] Rename function to New-* instead of Get-* aligning with the post method --- ...> New-GitHubAppInstallationAccessToken.ps1} | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) rename src/functions/public/Apps/{Get-GitHubAppInstallationAccessToken.ps1 => New-GitHubAppInstallationAccessToken.ps1} (81%) diff --git a/src/functions/public/Apps/Get-GitHubAppInstallationAccessToken.ps1 b/src/functions/public/Apps/New-GitHubAppInstallationAccessToken.ps1 similarity index 81% rename from src/functions/public/Apps/Get-GitHubAppInstallationAccessToken.ps1 rename to src/functions/public/Apps/New-GitHubAppInstallationAccessToken.ps1 index 32c47bf07..5fa32da7e 100644 --- a/src/functions/public/Apps/Get-GitHubAppInstallationAccessToken.ps1 +++ b/src/functions/public/Apps/New-GitHubAppInstallationAccessToken.ps1 @@ -1,4 +1,4 @@ -filter Get-GitHubAppInstallationAccessToken { +filter New-GitHubAppInstallationAccessToken { <# .SYNOPSIS Create an installation access token for an app @@ -28,13 +28,23 @@ to access this endpoint. .EXAMPLE - Get-GitHubAppInstallationAccessToken -InstallationID 12345678 + New-GitHubAppInstallationAccessToken -InstallationID 12345678 - Gets an installation access token for the installation with the ID `12345678`. + Creates an installation access token for the installation with the ID `12345678`. + + .EXAMPLE + Connect-GitHub -ClientID $ClientID -PrivateKey $PrivateKey -Verbose + Get-GitHubAppInstallation | New-GitHubAppInstallationAccessToken + + Gets the GitHub App installations and creates an installation access token for each installation. .NOTES [Create an installation access token for an app](https://docs.github.com/rest/apps/apps#create-an-installation-access-token-for-an-app) #> + [Diagnostics.CodeAnalysis.SuppressMessageAttribute( + 'PSUseShouldProcessForStateChangingFunctions', '', + Justification = 'No state is changed.' + )] [CmdletBinding()] param ( # The unique identifier of the installation. @@ -45,7 +55,7 @@ ValueFromPipelineByPropertyName )] [Alias('ID')] - [string] $InstallationID + [int] $InstallationID ) $inputObject = @{ From bc4d1cb6ecdeab36109515b9b5456eb979e7eb30 Mon Sep 17 00:00:00 2001 From: Marius Storhaug Date: Wed, 6 Nov 2024 15:26:43 +0100 Subject: [PATCH 3/3] BringYourOwnApp --- .../public/Auth/Connect-GitHubAccount.ps1 | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/src/functions/public/Auth/Connect-GitHubAccount.ps1 b/src/functions/public/Auth/Connect-GitHubAccount.ps1 index 58f885f37..2bc83ed2d 100644 --- a/src/functions/public/Auth/Connect-GitHubAccount.ps1 +++ b/src/functions/public/Auth/Connect-GitHubAccount.ps1 @@ -55,12 +55,12 @@ [Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSReviewUnusedParameter', 'AccessToken', Justification = 'Required for parameter set')] [Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingWriteHost', '', Justification = 'Is the CLI part of the module.')] [Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingConvertToSecureStringWithPlainText', '', Justification = 'The tokens are recieved as clear text. Mitigating exposure by removing variables and performing garbage collection.')] - [CmdletBinding(DefaultParameterSetName = 'DeviceFlow')] + [CmdletBinding(DefaultParameterSetName = 'UAT')] param ( # Choose between authentication methods, either OAuthApp or GitHubApp. # For more info about the types of authentication visit: # [Differences between GitHub Apps and OAuth apps](https://docs.github.com/apps/oauth-apps/building-oauth-apps/differences-between-github-apps-and-oauth-apps) - [Parameter(ParameterSetName = 'DeviceFlow')] + [Parameter(ParameterSetName = 'UAT')] [ValidateSet('OAuthApp', 'GitHubApp')] [string] $Mode = 'GitHubApp', @@ -68,7 +68,7 @@ # Provide the list of scopes as space-separated values. # For more information on scopes visit: # [Scopes for OAuth apps](https://docs.github.com/apps/oauth-apps/building-oauth-apps/scopes-for-oauth-apps) - [Parameter(ParameterSetName = 'DeviceFlow')] + [Parameter(ParameterSetName = 'UAT')] [string] $Scope = 'gist read:org repo workflow', # The personal access token to use for authentication. @@ -85,6 +85,7 @@ Mandatory, ParameterSetName = 'App' )] + [Parameter(ParameterSetName = 'UAT')] [string] $ClientID, # The private key for the GitHub App. @@ -137,12 +138,12 @@ $AuthType = if ($gitHubTokenPresent) { 'sPAT' } else { $PSCmdlet.ParameterSetName } Write-Verbose "AuthType: [$AuthType]" switch ($AuthType) { - 'DeviceFlow' { + 'UAT' { Write-Verbose 'Logging in using device flow...' - $clientID = $script:Auth.$Mode.ClientID + $authClientID = $ClientID ?? $script:Auth.$Mode.ClientID if ($Mode -ne (Get-GitHubConfig -Name 'DeviceFlowType' -ErrorAction SilentlyContinue)) { Write-Verbose "Using $Mode authentication..." - $tokenResponse = Invoke-GitHubDeviceFlowLogin -ClientID $clientID -Scope $Scope -HostName $HostName + $tokenResponse = Invoke-GitHubDeviceFlowLogin -ClientID $authClientID -Scope $Scope -HostName $HostName } else { $accessTokenValidity = [datetime](Get-GitHubConfig -Name 'AccessTokenExpirationDate') - (Get-Date) $accessTokenIsValid = $accessTokenValidity.Seconds -gt 0 @@ -162,7 +163,7 @@ Write-Host '⚠ ' -ForegroundColor Yellow -NoNewline Write-Host "Access token remaining validity $accessTokenValidityText. Refreshing access token..." } - $tokenResponse = Invoke-GitHubDeviceFlowLogin -ClientID $clientID -RefreshToken (Get-GitHubConfig -Name 'RefreshToken') -HostName $HostName + $tokenResponse = Invoke-GitHubDeviceFlowLogin -ClientID $authClientID -RefreshToken (Get-GitHubConfig -Name 'RefreshToken') -HostName $HostName } } else { $refreshTokenValidity = [datetime](Get-GitHubConfig -Name 'RefreshTokenExpirationDate') - (Get-Date) @@ -172,10 +173,10 @@ Write-Host '⚠ ' -ForegroundColor Yellow -NoNewline Write-Host 'Access token expired. Refreshing access token...' } - $tokenResponse = Invoke-GitHubDeviceFlowLogin -ClientID $clientID -RefreshToken (Get-GitHubConfig -Name 'RefreshToken') -HostName $HostName + $tokenResponse = Invoke-GitHubDeviceFlowLogin -ClientID $authClientID -RefreshToken (Get-GitHubConfig -Name 'RefreshToken') -HostName $HostName } else { Write-Verbose "Using $Mode authentication..." - $tokenResponse = Invoke-GitHubDeviceFlowLogin -ClientID $clientID -Scope $Scope -HostName $HostName + $tokenResponse = Invoke-GitHubDeviceFlowLogin -ClientID $authClientID -Scope $Scope -HostName $HostName } } }