mirror of
https://github.com/github/codeql-action.git
synced 2025-12-27 01:30:10 +08:00
122 lines
3.5 KiB
JavaScript
122 lines
3.5 KiB
JavaScript
import { get, set } from "./cache.js";
|
|
import { getAppAuthentication } from "./get-app-authentication.js";
|
|
import { toTokenAuthentication } from "./to-token-authentication.js";
|
|
async function getInstallationAuthentication(state, options, customRequest) {
|
|
const installationId = Number(options.installationId || state.installationId);
|
|
if (!installationId) {
|
|
throw new Error(
|
|
"[@octokit/auth-app] installationId option is required for installation authentication."
|
|
);
|
|
}
|
|
if (options.factory) {
|
|
const { type, factory, oauthApp, ...factoryAuthOptions } = {
|
|
...state,
|
|
...options
|
|
};
|
|
return factory(factoryAuthOptions);
|
|
}
|
|
const optionsWithInstallationTokenFromState = Object.assign(
|
|
{ installationId },
|
|
options
|
|
);
|
|
if (!options.refresh) {
|
|
const result = await get(
|
|
state.cache,
|
|
optionsWithInstallationTokenFromState
|
|
);
|
|
if (result) {
|
|
const {
|
|
token: token2,
|
|
createdAt: createdAt2,
|
|
expiresAt: expiresAt2,
|
|
permissions: permissions2,
|
|
repositoryIds: repositoryIds2,
|
|
repositoryNames: repositoryNames2,
|
|
singleFileName: singleFileName2,
|
|
repositorySelection: repositorySelection2
|
|
} = result;
|
|
return toTokenAuthentication({
|
|
installationId,
|
|
token: token2,
|
|
createdAt: createdAt2,
|
|
expiresAt: expiresAt2,
|
|
permissions: permissions2,
|
|
repositorySelection: repositorySelection2,
|
|
repositoryIds: repositoryIds2,
|
|
repositoryNames: repositoryNames2,
|
|
singleFileName: singleFileName2
|
|
});
|
|
}
|
|
}
|
|
const appAuthentication = await getAppAuthentication(state);
|
|
const request = customRequest || state.request;
|
|
const payload = {
|
|
installation_id: installationId,
|
|
mediaType: {
|
|
previews: ["machine-man"]
|
|
},
|
|
headers: {
|
|
authorization: `bearer ${appAuthentication.token}`
|
|
}
|
|
};
|
|
if (options.repositoryIds) {
|
|
Object.assign(payload, { repository_ids: options.repositoryIds });
|
|
}
|
|
if (options.repositoryNames) {
|
|
Object.assign(payload, {
|
|
repositories: options.repositoryNames
|
|
});
|
|
}
|
|
if (options.permissions) {
|
|
Object.assign(payload, { permissions: options.permissions });
|
|
}
|
|
const {
|
|
data: {
|
|
token,
|
|
expires_at: expiresAt,
|
|
repositories,
|
|
permissions: permissionsOptional,
|
|
repository_selection: repositorySelectionOptional,
|
|
single_file: singleFileName
|
|
}
|
|
} = await request(
|
|
"POST /app/installations/{installation_id}/access_tokens",
|
|
payload
|
|
);
|
|
const permissions = permissionsOptional || {};
|
|
const repositorySelection = repositorySelectionOptional || "all";
|
|
const repositoryIds = repositories ? repositories.map((r) => r.id) : void 0;
|
|
const repositoryNames = repositories ? repositories.map((repo) => repo.name) : void 0;
|
|
const createdAt = (/* @__PURE__ */ new Date()).toISOString();
|
|
const cacheOptions = {
|
|
token,
|
|
createdAt,
|
|
expiresAt,
|
|
repositorySelection,
|
|
permissions,
|
|
repositoryIds,
|
|
repositoryNames
|
|
};
|
|
if (singleFileName) {
|
|
Object.assign(payload, { singleFileName });
|
|
}
|
|
await set(state.cache, optionsWithInstallationTokenFromState, cacheOptions);
|
|
const cacheData = {
|
|
installationId,
|
|
token,
|
|
createdAt,
|
|
expiresAt,
|
|
repositorySelection,
|
|
permissions,
|
|
repositoryIds,
|
|
repositoryNames
|
|
};
|
|
if (singleFileName) {
|
|
Object.assign(cacheData, { singleFileName });
|
|
}
|
|
return toTokenAuthentication(cacheData);
|
|
}
|
|
export {
|
|
getInstallationAuthentication
|
|
};
|