From fda16d7c61086499d0fab7adc33889796ce1978a Mon Sep 17 00:00:00 2001
From: Gregor Martynus <39992+gr2m@users.noreply.github.com>
Date: Thu, 18 Feb 2021 18:06:42 -0800
Subject: [PATCH 1/4] docs(README): remove mention of OAuth scopes
---
README.md | 32 ++++++++++----------------------
1 file changed, 10 insertions(+), 22 deletions(-)
diff --git a/README.md b/README.md
index d0d82a4c3..159f38fa9 100644
--- a/README.md
+++ b/README.md
@@ -237,18 +237,6 @@ Defaults to [`@octokit/core`](https://github.com/octokit/core.js).
Sets the default value for app.oauth.getAuthorizationUrl(options).
-
-
- oauth.defaultScopes
- |
-
- Array of strings
- |
-
-
-Sets the default scopes value for app.oauth.getAuthorizationUrl(options). See [available scopes](https://developer.github.com/apps/building-oauth-apps/understanding-scopes-for-oauth-apps/#available-scopes)
-
- |
@@ -303,16 +291,16 @@ A middleware is a method or set of methods to handle requests for common environ
By default, all middlewares expose the following routes
-| Route | Route Description |
-| -------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| `POST /api/github/webhooks` | Endpoint to receive GitHub Webhook Event requests |
-| `GET /api/github/oauth/login` | Redirects to GitHub's authorization endpoint. Accepts optional `?state` and `?scopes` query parameters. `?scopes` is a comma-separated list of [supported OAuth scope names](https://developer.github.com/apps/building-oauth-apps/understanding-scopes-for-oauth-apps/#available-scopes) |
-| `GET /api/github/oauth/callback` | The client's redirect endpoint. This is where the `token` event gets triggered |
-| `POST /api/github/oauth/token` | Exchange an authorization code for an OAuth Access token. If successful, the `token` event gets triggered. |
-| `GET /api/github/oauth/token` | Check if token is valid. Must authenticate using token in `Authorization` header. Uses GitHub's [`POST /applications/{client_id}/token`](https://developer.github.com/v3/apps/oauth_applications/#check-a-token) endpoint |
-| `PATCH /api/github/oauth/token` | Resets a token (invalidates current one, returns new token). Must authenticate using token in `Authorization` header. Uses GitHub's [`PATCH /applications/{client_id}/token`](https://developer.github.com/v3/apps/oauth_applications/#reset-a-token) endpoint. |
-| `DELETE /api/github/oauth/token` | Invalidates current token, basically the equivalent of a logout. Must authenticate using token in `Authorization` header. |
-| `DELETE /api/github/oauth/grant` | Revokes the user's grant, basically the equivalent of an uninstall. must authenticate using token in `Authorization` header. |
+| Route | Route Description |
+| -------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| `POST /api/github/webhooks` | Endpoint to receive GitHub Webhook Event requests |
+| `GET /api/github/oauth/login` | Redirects to GitHub's authorization endpoint. Accepts optional `?state` query parameter. |
+| `GET /api/github/oauth/callback` | The client's redirect endpoint. This is where the `token` event gets triggered |
+| `POST /api/github/oauth/token` | Exchange an authorization code for an OAuth Access token. If successful, the `token` event gets triggered. |
+| `GET /api/github/oauth/token` | Check if token is valid. Must authenticate using token in `Authorization` header. Uses GitHub's [`POST /applications/{client_id}/token`](https://developer.github.com/v3/apps/oauth_applications/#check-a-token) endpoint |
+| `PATCH /api/github/oauth/token` | Resets a token (invalidates current one, returns new token). Must authenticate using token in `Authorization` header. Uses GitHub's [`PATCH /applications/{client_id}/token`](https://developer.github.com/v3/apps/oauth_applications/#reset-a-token) endpoint. |
+| `DELETE /api/github/oauth/token` | Invalidates current token, basically the equivalent of a logout. Must authenticate using token in `Authorization` header. |
+| `DELETE /api/github/oauth/grant` | Revokes the user's grant, basically the equivalent of an uninstall. must authenticate using token in `Authorization` header. |
### `getNodeMiddleware(app, options)`
From 1213be7f4174c659202bec31a78569649e8b239d Mon Sep 17 00:00:00 2001
From: Gregor Martynus <39992+gr2m@users.noreply.github.com>
Date: Thu, 18 Feb 2021 18:06:53 -0800
Subject: [PATCH 2/4] refactor: remove unused import
---
src/index.ts | 1 -
1 file changed, 1 deletion(-)
diff --git a/src/index.ts b/src/index.ts
index c7623b19c..8c030f789 100644
--- a/src/index.ts
+++ b/src/index.ts
@@ -1,6 +1,5 @@
import { Octokit as OctokitCore } from "@octokit/core";
import { createAppAuth } from "@octokit/auth-app";
-import { Webhooks } from "@octokit/webhooks";
import {
OAuthApp,
getNodeMiddleware as oauthNodeMiddleware,
From 5cebb50fee39f2fc41794eddcdcd6761a06ada87 Mon Sep 17 00:00:00 2001
From: Gregor Martynus <39992+gr2m@users.noreply.github.com>
Date: Thu, 18 Feb 2021 18:07:21 -0800
Subject: [PATCH 3/4] test: `options.oauth.allowSignup` option
---
test/oauth.test.ts | 15 +++++++++++++++
1 file changed, 15 insertions(+)
diff --git a/test/oauth.test.ts b/test/oauth.test.ts
index 6eff141af..655b22616 100644
--- a/test/oauth.test.ts
+++ b/test/oauth.test.ts
@@ -49,4 +49,19 @@ describe("app.oauth", () => {
"[@octokit/app] oauth.clientId / oauth.clientSecret options are not set"
);
});
+
+ test("options.oauth.allowSignup", async () => {
+ new App({
+ appId: APP_ID,
+ privateKey: PRIVATE_KEY,
+ webhooks: {
+ secret: WEBHOOK_SECRET,
+ },
+ oauth: {
+ clientId: "123",
+ clientSecret: "123secret",
+ allowSignup: true,
+ },
+ });
+ });
});
From 4083bff56a894d6093b6f89c8e5244f6d1e2e16e Mon Sep 17 00:00:00 2001
From: Gregor Martynus <39992+gr2m@users.noreply.github.com>
Date: Thu, 18 Feb 2021 18:07:39 -0800
Subject: [PATCH 4/4] feat(typescript): `options.oauth.allowSignup` is optional
and boolean
---
src/types.ts | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/types.ts b/src/types.ts
index 383d28684..e3ca208de 100644
--- a/src/types.ts
+++ b/src/types.ts
@@ -10,6 +10,7 @@ export type Options = {
oauth?: {
clientId: string;
clientSecret: string;
+ allowSignup?: boolean;
};
Octokit?: typeof Octokit;
log?: {