我得到了我想要的响应,但从 GitHub 返回的访问 token 返回时响应中没有范围:
// githubs response
{
access_token: 'a2ed9606c8b06bf00a16dc34584b1509462450a4',
token_type: 'bearer',
scope: ''
}
该 token 无法像我启用了范围的个人访问 token 那样查看私有(private)存储库。我是否做错了什么或没有联系正确的端点?
// backend - Auth.js
var express = require('express');
var router = express.Router();
var fetch = require('isomorphic-fetch');
let token = null;
const createFetchOptions = (method, body = undefined) => {
const options = {
method,
headers: {
'Content-type': null,
'Accept': null,
},
};
options.headers['Content-type'] = 'application/json';
options.headers['Accept'] = 'application/json';
options.body = JSON.stringify(body);
return options;
};
const Fetcher = {
get: async (url) => {
const res =
await fetch(
url,
createFetchOptions('GET'),
);
return res;
},
post: async (url, body) => {
const res =
await fetch(
url,
createFetchOptions('POST', body),
);
return res;
},
}
router.post('/token', async (req, res) => {
const { clientId, clientSecret, sessionCode } = req.body;
const response = await Fetcher.post('https://github.com/login/oauth/access_token', {
client_id: clientId,
client_secret: clientSecret,
code: sessionCode,
});
const result = await response.json();
console.log(result)
res.json(result);
});
module.exports = router;
最佳答案
您提供的代码似乎缺少您 request the user's GitHub identity 的步骤通过发出 GET https://github.com/login/oauth/authorize 请求。我假设您确实在代码中的某个位置包含此调用,因为有必要接收您在 POST https://github.com/正文中传递的 请求。sessionCode 值login/oauth/access_token
无论如何,您都可以在这一步指定 the various scopes您的应用程序要求的。请求的范围通过 scope 查询参数传递,如果您请求多个范围,则以空格分隔。例如,以下是针对 user 和 public_repo 范围的请求:
GET https://github.com/login/oauth/authorize?
client_id=...&
scope=user%20public_repo
关于javascript - GitHub API 的响应未返回具有适当范围的访问 token 来查看私有(private)存储库,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/55213669/