SDK for building GitHub Copilot Extensions
import { verifyRequestByKeyId } from "@copilot-extensions/preview-sdk";
const payloadIsVerified = await verifyRequestByKeyId(
request.body,
signature,
key,
{
token: process.env.GITHUB_TOKEN,
}
);
// true or falseVerify the request payload using the provided signature and key ID. The method will request the public key from GitHub's API for the given keyId and then verify the payload.
The options argument is optional. It can contain a token to authenticate the request to GitHub's API, or a custom request instance to use for the request.
import { verifyRequestByKeyId } from "@copilot-extensions/preview-sdk";
const payloadIsVerified = await verifyRequestByKeyId(
request.body,
signature,
key
);
// with token
await verifyRequestByKeyId(request.body, signature, key, { token: "ghp_1234" });
// with custom octokit request instance
await verifyRequestByKeyId(request.body, signature, key, { request });Fetches public keys for verifying copilot extension requests from GitHub's API and returns them as an array. The request can be made without authentication, with a token, or with a custom octokit request instance.
import { fetchVerificationKeys } from "@copilot-extensions/preview-sdk";
// fetch without authentication
const [current] = await fetchVerificationKeys();
// with token
const [current] = await fetchVerificationKeys({ token: "ghp_1234" });
// with custom octokit request instance
const [current] = await fetchVerificationKeys({ request });)Verify the request payload using the provided signature and key. Note that the raw body as received by GitHub must be passed, before any parsing.
import { verify } from "@copilot-extensions/preview-sdk";
const payloadIsVerified = await verifyRequestPayload(
request.body,
signature,
key
);
// true or falseWhile implementing the lower-level functionality, we also dream big: what would our dream SDK for Coplitot extensions look like? Please have a look and share your thoughts and ideas:
Please see CONTRIBUTING.md