Token as environment variable #68
Comments
|
@matt-dray has a list of 25 twitter bots that rely on this approach to authentication with |
|
Bots are an obvious use case for the environment approach to tokens (Haven't thought of that yet) so we need to address this somehow. However, I am also with @JBGruber (see #18 (comment)) that it is a bit clumsy to write 3 (well technically only 2 are needed) variables as system variables. I'd prefer a solution that allows both RDS and ENV. Like: "if ENV not found, look for RDS". RDS is more accessible in my opinion than telling users to create 2 system variables. @chainsawriot thoughts? @JBGruber you wrote the auth part, any suggestions from your side? |
|
@mattkerlogue Thanks for the suggestion. As you might know, we have used different names for testing. But I think that can be easily harmonized. @schochastics I have another solution actually. One envvar. require(rtoot)
#> Loading required package: rtoot
Sys.setenv(RTOOT_DEFAULT_TOKEN="aslfjkhdjkfhskjlafhsadf;public;emacs.ch")
get_token_from_envvar <- function(envvar = "RTOOT_DEFAULT_TOKEN") {
if (Sys.getenv(envvar) == "") {
stop("envvar not found.")
}
res <- strsplit(x = Sys.getenv(envvar), split = ";")[[1]]
bearer <- list(bearer = res[1])
bearer$type <- res[2]
bearer$instance <- res[3]
class(bearer) <- "rtoot_bearer"
bearer
}
get_token_from_envvar("whatever")
#> Error in get_token_from_envvar("whatever"): envvar not found.
get_token_from_envvar("RTOOT_DEFAULT_TOKEN")
#> <mastodon bearer token> for instance: emacs.ch of type: publicCreated on 2022-11-14 by the reprex package (v2.0.1) |
|
I thought about something in the same lines as @chainsawriot. One token that is parsed to make the list object. I think it would make sense to keep the option and add a condition to parse the environment variable if |
|
Sounds good to me. @chainsawriot do you want to implement this? |
|
@mattkerlogue You can now convert your token x <- convert_token_to_envvar(token) |
First off, huge thanks and massive congratulations for getting the rtoot package off the ground! 馃帀
It's meant that I've been able to port my Twitter bot over to the botsin.space instance.
Related to #7 and #18. I've had to adopt a different approach to authentication as it runs on GitHub Actions, therefore I can't make use of an RDS hidden away deep in the system to store the token.
The approach used in
{rtweet}is to use environment variables and within the project I've implemented what appears to be a working solution that mimics this approach with{rtoot}. The workflow is as follows:A new function
mastodon_token()which creates the same underlying list structure asauth_setup()but to which you provide the access token, type and instance. I couldn't see an internal function that did this, but let me know if there is. This relies on the user generating their own key/token from within the Mastodon API settings, but it's pretty simple for folk that would want to get this complicated (and definitely easier than the approach with the Twitter API).User writes their token to an .Renviron file, either at the user-level or project-level:
I discuss in more length in this blog post about migrating the bot to Mastodon.
Happy to contribute a PR if you'd like to include in rtoot's core functionality, but probably worth some consideration of how it interacts with the existing approach to authentication.
The text was updated successfully, but these errors were encountered: