Skip to content

Instantly share code, notes, and snippets.

@daliborgogic

daliborgogic/github.js

Last active October 7, 2019 17:44
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save daliborgogic/00e81c0d71ae796dba6558aeeab11ce1 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save daliborgogic/00e81c0d71ae796dba6558aeeab11ce1 to your computer and use it in GitHub Desktop.
Download ZIP
Request a user's GitHub identity
Raw
github.js
const uuid = require('uuid')
const {
GITHUB_CLIENT_ID = '#####',
GITHUB_REDIRECT_URL = 'https://example.com/callback',
GITHUB_SCOPE = 'user:email'
} = process.env
const authorize = `https://github.com/login/oauth/authorize`
const states = []
module.exports = login => {
const state = uuid.v4()
states.push(state)
let params = {
client_id: GITHUB_CLIENT_ID,
redirect_uri: GITHUB_REDIRECT_URL,
scope: GITHUB_SCOPE,
state
}
if (login) params.login = login
const authorizeUrl = new URL(authorize)
Object.keys(params).forEach(key =>
authorizeUrl.searchParams.append(key, params[key]))
return authorizeUrl
}
@daliborgogic
Copy link
Author

daliborgogic commented Apr 7, 2019

Request a user's GitHub identity

GET https://github.com/login/oauth/authorize

When your GitHub App specifies a login parameter, it prompts users with a specific account they can use for signing in and authorizing your app.

Parameters

Name Type Description
client_id string Required. The client ID you received from GitHub when you registered.
redirect_uri string The URL in your application where users will be sent after authorization. See details below about redirect urls.
login string Suggests a specific account to use for signing in and authorizing the app.
scope string A space-delimited list of scopes. If not provided, scope defaults to an empty list for users that have not authorized any scopes for the application. For users who have authorized scopes for the application, the user won't be shown the OAuth authorization page with the list of scopes. Instead, this step of the flow will automatically complete with the set of scopes the user has authorized for the application. For example, if a user has already performed the web flow twice and has authorized one token with user scope and another token with repo scope, a third web flow that does not provide a scope will receive a token with user and repo scope.
state string An unguessable random string. It is used to protect against cross-site request forgery attacks.
allow_signup string Whether or not unauthenticated users will be offered an option to sign up for GitHub during the OAuth flow. The default is true. Use false in the case that a policy prohibits signups.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment