From c1c6366a638b90f3cb9b2f33e0bef495330f50cd Mon Sep 17 00:00:00 2001 From: Gudge Date: Mon, 2 Mar 2020 11:01:34 -0800 Subject: [PATCH] Update OAuth Token operations to new APIs (#2116) * Update OAuth Token operations to new APIs Per ['Deprecating OAuth Application API'](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/) the HTTP API endpoints called by CheckApplicationAuthentication, ResetApplicationAuthentication and RevokeApplicationAuthentication are being deprecated. This PR updates those APIs to call the new HTTP API endpoints as documented at the above link. * Details Amend CheckApplicationAuthentication, ResetApplicationAuthentication and RevokeApplicationAuthentication to create an object containing the OAuth access token and to call the single arg version of ApiUrls.ApplicationAuthorization. The object is used as the request body. Amend CheckApplicationAuthentication to use POST. Amend ResetApplicationAuthentication to use PATCH. Remove the two arg version of ApiUrls.ApplicationAuthorization as it is no longer called. Amend the single arg version to use the new API path. Amend unit tests to account for the above changes. * Update unit tests to check request payload Add a check to the unit tests to verify that the request payload contains an access_token field with the expected value. --- .../Clients/AuthorizationsClientTests.cs | 15 ++++++----- Octokit/Clients/AuthorizationsClient.cs | 26 ++++++++++++++----- Octokit/Helpers/ApiUrls.Authorizations.cs | 7 +---- 3 files changed, 29 insertions(+), 19 deletions(-) diff --git a/Octokit.Tests/Clients/AuthorizationsClientTests.cs b/Octokit.Tests/Clients/AuthorizationsClientTests.cs index 58510712..1f0f13d5 100644 --- a/Octokit.Tests/Clients/AuthorizationsClientTests.cs +++ b/Octokit.Tests/Clients/AuthorizationsClientTests.cs @@ -290,9 +290,9 @@ namespace Octokit.Tests.Clients authEndpoint.CheckApplicationAuthentication("clientId", "accessToken"); - client.Received().Get( - Arg.Is(u => u.ToString() == "applications/clientId/tokens/accessToken"), - null); + client.Received().Post( + Arg.Is(u => u.ToString() == "applications/clientId/token"), + Arg.Is(o => o.GetType().GetProperty("access_token").GetValue(o).ToString() == "accessToken")); } [Fact] @@ -318,9 +318,9 @@ namespace Octokit.Tests.Clients authEndpoint.ResetApplicationAuthentication("clientId", "accessToken"); - client.Received().Post( - Arg.Is(u => u.ToString() == "applications/clientId/tokens/accessToken"), - Args.Object); + client.Received().Patch( + Arg.Is(u => u.ToString() == "applications/clientId/token"), + Arg.Is(o => o.GetType().GetProperty("access_token").GetValue(o).ToString() == "accessToken")); } [Fact] @@ -347,7 +347,8 @@ namespace Octokit.Tests.Clients authEndpoint.RevokeApplicationAuthentication("clientId", "accessToken"); client.Received().Delete( - Arg.Is(u => u.ToString() == "applications/clientId/tokens/accessToken")); + Arg.Is(u => u.ToString() == "applications/clientId/token"), + Arg.Is(o => o.GetType().GetProperty("access_token").GetValue(o).ToString() == "accessToken")); } [Fact] diff --git a/Octokit/Clients/AuthorizationsClient.cs b/Octokit/Clients/AuthorizationsClient.cs index e58a8f67..d2cdf158 100644 --- a/Octokit/Clients/AuthorizationsClient.cs +++ b/Octokit/Clients/AuthorizationsClient.cs @@ -341,8 +341,13 @@ namespace Octokit Ensure.ArgumentNotNullOrEmptyString(clientId, nameof(clientId)); Ensure.ArgumentNotNullOrEmptyString(accessToken, nameof(accessToken)); - var endpoint = ApiUrls.ApplicationAuthorization(clientId, accessToken); - return ApiConnection.Get(endpoint, null); + var requestData = new + { + access_token = accessToken + }; + + var endpoint = ApiUrls.ApplicationAuthorization(clientId); + return ApiConnection.Post(endpoint, requestData); } /// @@ -360,9 +365,13 @@ namespace Octokit Ensure.ArgumentNotNullOrEmptyString(clientId, nameof(clientId)); Ensure.ArgumentNotNullOrEmptyString(accessToken, nameof(accessToken)); - var requestData = new { }; + var requestData = new + { + access_token = accessToken + }; - return ApiConnection.Post(ApiUrls.ApplicationAuthorization(clientId, accessToken), requestData); + var endpoint = ApiUrls.ApplicationAuthorization(clientId); + return ApiConnection.Patch(endpoint, requestData); } /// @@ -380,8 +389,13 @@ namespace Octokit Ensure.ArgumentNotNullOrEmptyString(clientId, nameof(clientId)); Ensure.ArgumentNotNullOrEmptyString(accessToken, nameof(accessToken)); - return ApiConnection.Delete( - ApiUrls.ApplicationAuthorization(clientId, accessToken)); + var requestData = new + { + access_token = accessToken + }; + + var endpoint = ApiUrls.ApplicationAuthorization(clientId); + return ApiConnection.Delete(endpoint, requestData); } /// diff --git a/Octokit/Helpers/ApiUrls.Authorizations.cs b/Octokit/Helpers/ApiUrls.Authorizations.cs index 4cae9842..66112e2c 100644 --- a/Octokit/Helpers/ApiUrls.Authorizations.cs +++ b/Octokit/Helpers/ApiUrls.Authorizations.cs @@ -36,12 +36,7 @@ namespace Octokit public static Uri ApplicationAuthorization(string clientId) { - return "applications/{0}/tokens".FormatUri(clientId); - } - - public static Uri ApplicationAuthorization(string clientId, string accessToken) - { - return "applications/{0}/tokens/{1}".FormatUri(clientId, accessToken); + return "applications/{0}/token".FormatUri(clientId); } } }