- Notifications
You must be signed in to change notification settings - Fork4
strategy for explicitly unauthenticated Octokit instances
License
octokit/auth-unauthenticated.js
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
strategy for explicitly unauthenticated Octokit instances
@octokit/auth-unauthenticated is useful for cases when an Octokit constructor has a default authentication strategy, but you require an explicitly unauthenticated instance.
One use cases is when building a GitHub App using@octokit/auth-app and handling webhooks using@octokit/webhooks. While all webhook events provide an installation ID in its payload, in case of theinstallation.deleted event, the app can no longer create an installation access token, because the app's access has been revoked.
- Usage
createUnauthenticatedAuth() optionsauth()- Authentication object
auth.hook(request, route, options)orauth.hook(request, options)- License
| Browsers | Load <scripttype="module">import{createUnauthenticatedAuth}from"https://esm.sh/@octokit/auth-unauthenticated";</script> |
|---|---|
| Node | Install with import{createUnauthenticatedAuth}from"@octokit/auth-unauthenticated"; |
Important
As we useconditional exports, you will need to adapt yourtsconfig.json by setting"moduleResolution": "node16", "module": "node16".
See the TypeScript docs onpackage.json "exports".
See thishelpful guide on transitioning to ESM from@sindresorhus
constauth=createUnauthenticatedAuth({reason:"Handling an installation.deleted event (The app's access has been revoked)",});constauthentication=awaitauth();// {// type: 'unauthenticated',// reason: 'Handling an installation.deleted event (The app's access has been revoked)'// }
ThecreateUnauthenticatedAuth method requires anoptions.reason argument which will be used when returning an error due to a lack of authentication or when logging a warning in case of a404 error.
Examples
createUnauthenticatedAuth({reason:"Handling an installation.deleted event: The app's access has been revoked from @octokit (id: 12345)",});
Theauth() method accepts any options, but it doesn't do anything with it. That makes it a great drop-in replacement for any other authentication strategy.
| name | type | description |
|---|---|---|
type | string | "unauthenticated" |
auth.hook() hooks directly into the request life cycle. If a mutating request is attempted to be sent (DELETE,PATCH,POST, orPUT), the request is failed immediately and returning an error that contains the reason passed tocreateUnauthenticatedAuth({ reason }).
If a request fails with a404 or due to hitting a rate/abuse limit, the returned error is amended that it might be caused due to a lack of authentication and will include the reason passed tocreateUnauthenticatedAuth({ reason }).
Therequest option is an instance of@octokit/request. Theroute/options parameters are the same as for therequest() method.
auth.hook() can be called directly to send an authenticated request
const{ data}=awaitauth.hook(request,"GET /");
Or it can be passed as option torequest().
constrequestWithAuth=request.defaults({request:{hook:auth.hook,},});const{ data}=awaitrequestWithAuth("GET /");
About
strategy for explicitly unauthenticated Octokit instances
Topics
Resources
License
Code of conduct
Security policy
Uh oh!
There was an error while loading.Please reload this page.
Stars
Watchers
Forks
Packages0
Uh oh!
There was an error while loading.Please reload this page.
Contributors13
Uh oh!
There was an error while loading.Please reload this page.