Github apps token should be automatically refreshed #941
Description
Describe the bug
Currently, when we authenticate GitHub as an application, as per the official documentation:
Example code:
GitHub gh = new GitHubBuilder().withJwtToken(jwtToken).build();
GHAppInstallation installation = gh.getApp().getInstallationByOrganization("myorg");
GHAppInstallationToken ghAppInstallationToken = installation.createToken().create();
// At this point, ghAppInstallationToken should be valid to authenticate as an app
// installation for a given organization. The problem is that it will eventually expire
// in ~1hour
return new GitHubBuilder()
.withAppInstallationToken(ghAppInstallationToken.getToken())
.withJwtToken(jwtToken)
.withConnector(connector)
.build();The problem with this is that the token is only valid for a while (1 hour in my tests),
and we would need to update it depending on the expiration time that can
be obtained in:
ghAppInstallationToken.getExpiresAt();To Reproduce
Create a GitHub application, and perform an installation. Obtain the application installation token,
and use it. Approximately 1 hour later (for my manual tests) the token will expire and it will be
no longer valid.
Expected behavior
Once the GitHub builder /GitHub object is configured with a valid token, it should
automatically refresh the Token. Alternatively, a refresh mechanism should be provided
to manually refresh credentials.
Discussion
- Should the library provide a way of manually refreshing the Token, or instead automatically refresh it?
I can take care of this once we achieve some basic points of what would be the ideal outcome.