Skip to content

Commit

Permalink
Merge pull request #59 from shogo82148/improve-handling-github-token
Browse files Browse the repository at this point in the history
improve the error message if the token is invalid
shogo82148 authored Oct 7, 2021

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
2 parents b47f995 + 331fe37 commit 5ced183
Showing 1 changed file with 17 additions and 10 deletions.
27 changes: 17 additions & 10 deletions provider/github-app-token/github-app-token.go
Original file line number Diff line number Diff line change
@@ -18,6 +18,9 @@ import (
"github.com/shogo82148/actions-github-app-token/provider/github-app-token/github"
)

// the sentinel error that the token is not GITHUB_TOKEN
var errNotGitHubToken = errors.New("githubapptoken: the token is not GITHUB_TOKEN")

type githubClient interface {
GetApp(ctx context.Context) (*github.GetAppResponse, error)
CreateStatus(ctx context.Context, token, owner, repo, ref string, status *github.CreateStatusRequest) (*github.CreateStatusResponse, error)
@@ -155,21 +158,27 @@ func (h *Handler) handle(ctx context.Context, token string, req *requestBody) (*
}

// authorize the request
var err error
var owner, repo string
if id, err := h.github.ParseIDToken(ctx, token); err == nil {
owner, repo, err = splitOwnerRepo(id.Repository)
err = h.validateGitHubToken(ctx, token, req)
if err == nil {
owner, repo, err = splitOwnerRepo(req.Repository)
if err != nil {
return nil, err
}
} else {
err := h.validateGitHubToken(ctx, token, req)
} else if errors.Is(err, errNotGitHubToken) {
id, err := h.github.ParseIDToken(ctx, token)
if err != nil {
return nil, err
return nil, &validationError{
message: fmt.Sprintf("invalid JSON Web Token: %s", err.Error()),
}
}
owner, repo, err = splitOwnerRepo(req.Repository)
owner, repo, err = splitOwnerRepo(id.Repository)
if err != nil {
return nil, err
}
} else {
return nil, err
}

// issue a new access token
@@ -293,10 +302,8 @@ func (h *Handler) validateGitHubToken(ctx context.Context, token string, req *re
message: "GITHUB_TOKEN looks like GitHub App refresh token. `github-token` must be `${{ github.token }}` or `${{ secrets.GITHUB_TOKEN }}`.",
}
default:
// Old Format Personal Access Tokens
return &validationError{
message: "GITHUB_TOKEN looks like Personal Access Token. `github-token` must be `${{ github.token }}` or `${{ secrets.GITHUB_TOKEN }}`.",
}
// it doesn't look a GitHub token.
return errNotGitHubToken
}
resp, err := h.updateCommitStatus(ctx, token, req, &github.CreateStatusRequest{
State: github.CommitStateSuccess,

0 comments on commit 5ced183

Please sign in to comment.