Merge branch 'main' into implement_apps

Author: bitwiseman

.github/workflows/maven-build.yml

@@ -76,7 +76,7 @@ jobs:
     - name: Maven Install with Code Coverage
       run: mvn -B clean install -D enable-ci -Djapicmp.skip --file pom.xml
     - name: Codecov Report 
-      uses: codecov/codecov-action@v3.1.1
+      uses: codecov/codecov-action@v3.1.3
   test:
     name: test (${{ matrix.os }}, Java ${{ matrix.java }})
     runs-on: ${{ matrix.os }}-latest

pom.xml

@@ -396,7 +396,7 @@
       <plugin>
         <groupId>com.github.siom79.japicmp</groupId>
         <artifactId>japicmp-maven-plugin</artifactId>
-        <version>0.17.1</version>
+        <version>0.17.2</version>
         <configuration>
           <parameter>
             <breakBuildOnBinaryIncompatibleModifications>true</breakBuildOnBinaryIncompatibleModifications>

src/main/java/org/kohsuke/github/authorization/AppInstallationAuthorizationProvider.java

@@ -0,0 +1,80 @@
+package org.kohsuke.github.authorization;
+
+import org.kohsuke.github.BetaApi;
+import org.kohsuke.github.GHApp;
+import org.kohsuke.github.GHAppInstallation;
+import org.kohsuke.github.GHAppInstallationToken;
+import org.kohsuke.github.GitHub;
+
+import java.io.IOException;
+import java.time.Duration;
+import java.time.Instant;
+import java.util.Objects;
+
+import javax.annotation.Nonnull;
+
+/**
+ * An AuthorizationProvider that performs automatic token refresh for an organization's AppInstallation.
+ */
+public class AppInstallationAuthorizationProvider extends GitHub.DependentAuthorizationProvider {
+
+    private final AppInstallationProvider appInstallationProvider;
+
+    private String authorization;
+
+    @Nonnull
+    private Instant validUntil = Instant.MIN;
+
+    /**
+     * Provides an AuthorizationProvider that performs automatic token refresh, based on an previously authenticated
+     * github client.
+     *
+     * @param appInstallationProvider
+     *            An AppInstallationProvider that the authorization provider will use to retrieve the App.
+     * @param authorizationProvider
+     *            A authorization provider that returns a JWT token that can be used to refresh the App Installation
+     *            token from GitHub.
+     */
+    @BetaApi
+    public AppInstallationAuthorizationProvider(AppInstallationProvider appInstallationProvider,
+            AuthorizationProvider authorizationProvider) {
+        super(authorizationProvider);
+        this.appInstallationProvider = appInstallationProvider;
+    }
+
+    @Override
+    public String getEncodedAuthorization() throws IOException {
+        synchronized (this) {
+            if (authorization == null || Instant.now().isAfter(this.validUntil)) {
+                String token = refreshToken();
+                authorization = String.format("token %s", token);
+            }
+            return authorization;
+        }
+    }
+
+    private String refreshToken() throws IOException {
+        GitHub gitHub = this.gitHub();
+        GHAppInstallation installationByOrganization = appInstallationProvider.getAppInstallation(gitHub.getApp());
+        GHAppInstallationToken ghAppInstallationToken = installationByOrganization.createToken().create();
+        this.validUntil = ghAppInstallationToken.getExpiresAt().toInstant().minus(Duration.ofMinutes(5));
+        return Objects.requireNonNull(ghAppInstallationToken.getToken());
+    }
+
+    /**
+     * Provides an interface that returns an app to be used by an AppInstallationAuthorizationProvider
+     */
+    @FunctionalInterface
+    public interface AppInstallationProvider {
+        /**
+         * Provides a GHAppInstallation for the given GHApp
+         *
+         * @param app
+         *            The GHApp to use
+         * @return The GHAppInstallation
+         * @throws IOException
+         *             on error
+         */
+        GHAppInstallation getAppInstallation(GHApp app) throws IOException;
+    }
+}

src/main/java/org/kohsuke/github/authorization/OrgAppInstallationAuthorizationProvider.java

@@ -1,28 +1,12 @@
 package org.kohsuke.github.authorization;
 
 import org.kohsuke.github.BetaApi;
-import org.kohsuke.github.GHAppInstallation;
-import org.kohsuke.github.GHAppInstallationToken;
-import org.kohsuke.github.GitHub;
-
-import java.io.IOException;
-import java.time.Duration;
-import java.time.Instant;
-import java.util.Objects;
-
-import javax.annotation.Nonnull;
 
 /**
  * An AuthorizationProvider that performs automatic token refresh for an organization's AppInstallation.
  */
-public class OrgAppInstallationAuthorizationProvider extends GitHub.DependentAuthorizationProvider {
-
-    private final String organizationName;
-
-    private String authorization;
-
-    @Nonnull
-    private Instant validUntil = Instant.MIN;
+@Deprecated
+public class OrgAppInstallationAuthorizationProvider extends AppInstallationAuthorizationProvider {
 
     /**
      * Provides an AuthorizationProvider that performs automatic token refresh, based on an previously authenticated
@@ -33,31 +17,13 @@ public class OrgAppInstallationAuthorizationProvider extends GitHub.DependentAut
      * @param authorizationProvider
      *            A authorization provider that returns a JWT token that can be used to refresh the App Installation
      *            token from GitHub.
+     *
+     * @deprecated Replaced by {@link AppInstallationAuthorizationProvider}
      */
     @BetaApi
+    @Deprecated
     public OrgAppInstallationAuthorizationProvider(String organizationName,
             AuthorizationProvider authorizationProvider) {
-        super(authorizationProvider);
-        this.organizationName = organizationName;
-    }
-
-    @Override
-    public String getEncodedAuthorization() throws IOException {
-        synchronized (this) {
-            if (authorization == null || Instant.now().isAfter(this.validUntil)) {
-                String token = refreshToken();
-                authorization = String.format("token %s", token);
-            }
-            return authorization;
-        }
-    }
-
-    private String refreshToken() throws IOException {
-        GitHub gitHub = this.gitHub();
-        GHAppInstallation installationByOrganization = gitHub.getApp()
-                .getInstallationByOrganization(this.organizationName);
-        GHAppInstallationToken ghAppInstallationToken = installationByOrganization.createToken().create();
-        this.validUntil = ghAppInstallationToken.getExpiresAt().toInstant().minus(Duration.ofMinutes(5));
-        return Objects.requireNonNull(ghAppInstallationToken.getToken());
+        super(app -> app.getInstallationByOrganization(organizationName), authorizationProvider);
     }
 }

…stallationAuthorizationProviderTest.java …stallationAuthorizationProviderTest.javasrc/test/java/org/kohsuke/github/OrgAppInstallationAuthorizationProviderTest.java renamed to src/test/java/org/kohsuke/github/AppInstallationAuthorizationProviderTest.java src/test/java/org/kohsuke/github/OrgAppInstallationAuthorizationProviderTest.java renamed to src/test/java/org/kohsuke/github/AppInstallationAuthorizationProviderTest.java

@@ -1,24 +1,27 @@
 package org.kohsuke.github;
 
 import org.junit.Test;
+import org.kohsuke.github.authorization.AppInstallationAuthorizationProvider;
 import org.kohsuke.github.authorization.ImmutableAuthorizationProvider;
 import org.kohsuke.github.authorization.OrgAppInstallationAuthorizationProvider;
 
 import java.io.IOException;
 
 import static org.hamcrest.CoreMatchers.equalTo;
 import static org.hamcrest.CoreMatchers.notNullValue;
+import static org.hamcrest.CoreMatchers.startsWith;
 
 // TODO: Auto-generated Javadoc
+
 /**
- * The Class OrgAppInstallationAuthorizationProviderTest.
+ * The Class AppInstallationAuthorizationProviderTest.
  */
-public class OrgAppInstallationAuthorizationProviderTest extends AbstractGHAppInstallationTest {
+public class AppInstallationAuthorizationProviderTest extends AbstractGHAppInstallationTest {
 
     /**
      * Instantiates a new org app installation authorization provider test.
      */
-    public OrgAppInstallationAuthorizationProviderTest() {
+    public AppInstallationAuthorizationProviderTest() {
         useDefaultGitHub = false;
     }
 
@@ -48,7 +51,8 @@ public void invalidJWTTokenRaisesException() throws IOException {
      */
     @Test
     public void validJWTTokenAllowsOauthTokenRequest() throws IOException {
-        OrgAppInstallationAuthorizationProvider provider = new OrgAppInstallationAuthorizationProvider("hub4j-test-org",
+        AppInstallationAuthorizationProvider provider = new AppInstallationAuthorizationProvider(
+                app -> app.getInstallationByOrganization("hub4j-test-org"),
                 ImmutableAuthorizationProvider.fromJwtToken("bogus-valid-token"));
         gitHub = getGitHubBuilder().withAuthorizationProvider(provider)
                 .withEndpoint(mockGitHub.apiServer().baseUrl())
@@ -59,4 +63,27 @@ public void validJWTTokenAllowsOauthTokenRequest() throws IOException {
         assertThat(encodedAuthorization, equalTo("token v1.9a12d913f980a45a16ac9c3a9d34d9b7sa314cb6"));
     }
 
+    /**
+     * Lookup of an app by id works as expected
+     *
+     * @throws IOException
+     *             Signals that an I/O exception has occurred.
+     */
+    @Test
+    public void validJWTTokenWhenLookingUpAppById() throws IOException {
+        AppInstallationAuthorizationProvider provider = new AppInstallationAuthorizationProvider(
+                // https://github.com/organizations/hub4j-test-org/settings/installations/12129901
+                app -> app.getInstallationById(12129901L),
+                jwtProvider1);
+        gitHub = getGitHubBuilder().withAuthorizationProvider(provider)
+                .withEndpoint(mockGitHub.apiServer().baseUrl())
+                .build();
+        String encodedAuthorization = provider.getEncodedAuthorization();
+
+        assertThat(encodedAuthorization, notNullValue());
+        // we could assert on the exact token with wiremock, but it would make the update of the test more complex
+        // do we really care, getting a token should be enough.
+        assertThat(encodedAuthorization, startsWith("token ghs_"));
+    }
+
 }

src/test/java/org/kohsuke/github/GHAuthenticatedAppInstallationTest.java

@@ -1,7 +1,7 @@
 package org.kohsuke.github;
 
 import org.junit.Test;
-import org.kohsuke.github.authorization.OrgAppInstallationAuthorizationProvider;
+import org.kohsuke.github.authorization.AppInstallationAuthorizationProvider;
 
 import java.io.IOException;
 import java.util.List;
@@ -22,7 +22,8 @@ public class GHAuthenticatedAppInstallationTest extends AbstractGHAppInstallatio
      */
     @Override
     protected GitHubBuilder getGitHubBuilder() {
-        OrgAppInstallationAuthorizationProvider provider = new OrgAppInstallationAuthorizationProvider("hub4j-test-org",
+        AppInstallationAuthorizationProvider provider = new AppInstallationAuthorizationProvider(
+                app -> app.getInstallationByOrganization("hub4j-test-org"),
                 jwtProvider1);
         return super.getGitHubBuilder().withAuthorizationProvider(provider);
     }