Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings
This repository was archived by the owner on Nov 1, 2017. It is now read-only.

Commitc5df1ce

Browse files
author
Hubot
committed
Sync changes from upstream repository
1 parent2858cab commitc5df1ce

File tree

3 files changed

+100
-4
lines changed

3 files changed

+100
-4
lines changed
Lines changed: 29 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,29 @@
1+
---
2+
title:Preview support for OAuth authorizations grants API
3+
author_name:ptoomey3
4+
---
5+
6+
GitHub recently made changes to[the application authorizations settings screen within GitHub][authorized-application-listing] to display one entry for each OAuth application a user has authorized. Previously this screen showed one entry for each OAuth token that was generated by an OAuth application. For example, if you installed two instances of GitHub Desktop, you would see one entry for each installation. To simplify OAuth application management, we now show a single entry for each OAuth application. For OAuth applications that use the[web flow][web-flow] this was not a problem, since the web flow never generates more than one token for a given OAuth application and user. However, going forward, GitHub would like to allow all OAuth applications, including those that use the web flow, to generate more than one token.
7+
8+
In preparation for that change, we are adding API support to simplify management of OAuth applications that matches what is available on GitHub.com. You can enable these changes during the preview period by providing a custom[media type][media-type] in the`Accept` header:
9+
10+
application/vnd.github.damage-preview
11+
12+
For example:
13+
14+
```command-line
15+
curl -u username "https://api.github.com/applications/grants" \
16+
-H "Accept: application/vnd.github.damage-preview"
17+
```
18+
19+
You can learn more about the new APIs in the[OAuth authorizations][oauth-authorizations-api] documentation.
20+
21+
During the preview period, we may change aspects of these APIs based on developer feedback. We will announce the changes here on the developer blog, but we will not provide advance notice.
22+
23+
If you have any questions or feedback, please[let us know][contact].
24+
25+
[media-type]:/v3/media
26+
[oauth-authorizations-api]:/v3/oauth_authorizations
27+
[authorized-application-listing]:https://github.com/settings/applications#authorized
28+
[contact]:https://github.com/contact?form%5Bsubject%5D=OAuth+Authorizations+Grants+API+Preview
29+
[web-flow]:/v3/oauth/#web-application-flow

‎content/v3/oauth_authorizations.md

Lines changed: 58 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -2,14 +2,25 @@
22
title:Authorizations
33
---
44

5-
#OAuth Authorizations API
5+
{% if page.version == 'dotcom' or page.version > 2.6 %}
66

7-
{:toc}
7+
{{#tip}}
88

9-
You can use this API to manage your OAuth applications. You can only access this API via[Basic Authentication](/v3/auth#basic-authentication) using your username and password, not tokens.
9+
<aname="preview-period"></a>
1010

11-
Make sure you understand how to[work with two-factor authentication](/v3/auth/#working-with-two-factor-authentication) if you or your users have two-factor authentication enabled.
11+
APIs for managing OAuth grants are currently available for developers to preview.
12+
During the preview period, the APIs may change without advance notice.
13+
Please see the[blog post](/changes/2016-04-21-oauth-authorizations-grants-api-preview) for full details.
14+
15+
To access the API you must provide a custom[media type](/v3/media) in the`Accept` header:
16+
17+
application/vnd.github.damage-preview
1218

19+
{{/tip}}
20+
21+
{% endif %}
22+
23+
<br>
1324
<divclass="alert">
1425
<h3id="deprecation-notice">Deprecation Notice</h3>
1526

@@ -51,6 +62,48 @@ Make sure you understand how to [work with two-factor authentication](/v3/auth/#
5162
</p>
5263
</div>
5364

65+
#OAuth Authorizations API
66+
67+
{:toc}
68+
69+
You can use this API to manage the access OAuth applications have to your account. You can only access this API via[Basic Authentication](/v3/auth#basic-authentication) using your username and password, not tokens.
70+
71+
Make sure you understand how to[work with two-factor authentication](/v3/auth/#working-with-two-factor-authentication) if you or your users have two-factor authentication enabled.
72+
73+
{% if page.version == 'dotcom' or page.version > 2.6 %}
74+
75+
##List your grants
76+
77+
You can use this API to list the set of OAuth applications that have been granted access to your account. Unlike the[list your authorizations](/v3/oauth_authorizations/#list-your-authorizations) API, this API does not manage individual tokens. This API will return one entry for each OAuth application that has been granted access to your account, regardless of the number of tokens an application has generated for your user. The list of OAuth applications returned matches what is shown on[the application authorizations settings screen within GitHub][authorized-application-listing]. The`scopes` returned are the union of scopes authorized for the application. For example, if an application has one token with`repo` scope and another token with`user` scope, the grant will return`["repo", "user"]`.
78+
79+
GET /applications/grants
80+
81+
###Response
82+
83+
<%= headers 200,:pagination => default_pagination_rels %>
84+
<%= json(:oauth_authorization) { |h|[h] } %>
85+
86+
##Get a single grant
87+
88+
GET /applications/grants/:id
89+
90+
###Response
91+
92+
<%= headers 200 %>
93+
<%= json(:oauth_authorization) %>
94+
95+
##Delete a grant
96+
97+
Deleting an OAuth application's grant will also delete all OAuth tokens associated with the application for your user. Once deleted, the application has no access to your account and is no longer listed on[the application authorizations settings screen within GitHub][authorized-application-listing].
98+
99+
DELETE /applications/grants/:id
100+
101+
###Response
102+
103+
<%= headers 204 %>
104+
105+
{% endif %}
106+
54107
##List your authorizations
55108

56109
GET /authorizations
@@ -267,4 +320,5 @@ links that might be of help:
267320

268321
[app-listing]:https://github.com/settings/developers
269322
[tokens-listing]:https://github.com/settings/tokens
323+
[authorized-application-listing]:https://github.com/settings/applications#authorized
270324
[basics auth guide]:/guides/basics-of-authentication/

‎lib/responses/oauth.rb

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -23,6 +23,19 @@ module Responses
2323
}
2424

2525
OAUTH_ACCESS_WITH_USER ||=OAUTH_ACCESS.merge(:user=>USER)
26+
27+
OAUTH_AUTHORIZATION ||={
28+
"id"=>1,
29+
"url"=>"https://api.github.com/applications/grants/1",
30+
"app"=>{
31+
"url"=>"http://my-github-app.com",
32+
"name"=>"my github app",
33+
"client_id"=>"abcde12345fghij67890"
34+
},
35+
"created_at"=>"2011-09-06T17:26:27Z",
36+
"updated_at"=>"2011-09-06T20:39:23Z",
37+
"scopes"=>["public_repo"],
38+
}
2639
end
2740
end
2841
end

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp