From db66a669a3d26cb5702eaf3b4b0d40f888b04fac Mon Sep 17 00:00:00 2001
From: Michael Beaumont <mjboamail@gmail.com>
Date: Thu, 20 Aug 2020 10:35:00 +0200
Subject: [PATCH] Use Authorization header for Github PAT

PATs are oauth tokens so there's no reason to use BasicAuth here.

I read the GH docs as recommending `Authorization: Bearer` if possible.

GH understands what kind of token is being used, e.g. I see:
`Added on Aug 20, 2020 via personal access token owned by
@michaelbeaumont`
when I authenticate this way and add a DeployKey
---
 github/auth.go      | 17 +----------------
 github/auth_test.go |  2 +-
 2 files changed, 2 insertions(+), 17 deletions(-)

diff --git a/github/auth.go b/github/auth.go
index 3205a9de..dd8a18bb 100644
--- a/github/auth.go
+++ b/github/auth.go
@@ -30,11 +30,6 @@ import (
 const (
 	// DefaultDomain specifies the default domain used as the backend.
 	DefaultDomain = "github.com"
-	// patUsername is the "username" for the basic auth authentication flow
-	// when using a personal access token as the "password". This string could
-	// be arbitrary, even unset, as it is not respected server-side. For conventions'
-	// sake, we'll set this to "git".
-	patUsername = "git"
 )
 
 // ClientOption is the interface to implement for passing options to NewClient.
@@ -200,17 +195,7 @@ func WithPersonalAccessToken(patToken string) ClientOption {
 		return optionError(fmt.Errorf("patToken cannot be empty: %w", gitprovider.ErrInvalidClientOptions))
 	}
 
-	return &clientOptions{AuthTransport: patTransport(patToken)}
-}
-
-func patTransport(patToken string) gitprovider.ChainableRoundTripperFunc {
-	return func(in http.RoundTripper) http.RoundTripper {
-		return &github.BasicAuthTransport{
-			Username:  patUsername,
-			Password:  patToken,
-			Transport: in,
-		}
-	}
+	return &clientOptions{AuthTransport: oauth2Transport(patToken)}
 }
 
 // WithConditionalRequests instructs the client to use Conditional Requests to GitHub, asking GitHub
diff --git a/github/auth_test.go b/github/auth_test.go
index 42728fc7..30a0df6e 100644
--- a/github/auth_test.go
+++ b/github/auth_test.go
@@ -165,7 +165,7 @@ func Test_makeOptions(t *testing.T) {
 		{
 			name: "WithPersonalAccessToken",
 			opts: []ClientOption{WithPersonalAccessToken("foo")},
-			want: &clientOptions{AuthTransport: patTransport("foo")},
+			want: &clientOptions{AuthTransport: oauth2Transport("foo")},
 		},
 		{
 			name:         "WithPersonalAccessToken, empty",