Authorization API

Github4s supports the Authorization API. As a result, with Github4s, you can:

Previously, you were able to use the authorizations API with a username and password. This has been removed from the GitHub API as of November 13, 2020, and has also been removed from Github4s. For more information, see this documentation notice.

The following examples assume the following code:

import cats.effect.IO
import github4s.Github
import org.http4s.client.{Client, JavaNetClientBuilder}

val httpClient: Client[IO] = JavaNetClientBuilder[IO].create // You can use any http4s backend

val gh = Github[IO](httpClient, None)

NOTE: Above you can see Github(httpClient, None). This is due to the fact that if you are authenticating for the first time you don’t have any access token yet.

Authorize a url

Generates an authorize url with a random state, both are returned within an Authorize.

You can authorize a url using authorizeUrl; it takes as arguments:

  • client_id: the 20 character OAuth app client key for which to create the token.
  • redirect_uri: the URL in your app where users will be sent to after authorization.
  • scopes: attached to the token, for more information see the scopes doc.
val authorizeUrl = gh.auth.authorizeUrl(
  "e8e39175648c9db8c280",
  "http://localhost:9000/_oauth-callback",
  List("public_repo"))
authorizeUrl.flatMap(_.result match {
  case Left(e)  => IO.println(s"Something went wrong: ${e.getMessage}")
  case Right(r) => IO.println(r)
})

The result on the right is the created Authorize.

See the API doc for full reference.

Get an access token

Requests an access token based on the code retrieved in the Create a new authorization token step of the OAuth process.

You can get an access token using getAccessToken; it takes as arguments:

  • client_id: the 20 character OAuth app client key for which to create the token.
  • client_secret: the 40 character OAuth app client secret for which to create the token.
  • code: the code you received as a response to Create a new authorization token.
  • redirect_uri: the URL in your app where users will be sent after authorization.
  • state: the unguessable random string you optionally provided in Create a new authorization token.
val getAccessToken = gh.auth.getAccessToken(
  "e8e39175648c9db8c280",
  "1234567890",
  "code",
  "http://localhost:9000/_oauth-callback",
  "status")
getAccessToken.flatMap(_.result match {
  case Left(e)  => IO.println(s"Something went wrong: ${e.getMessage}")
  case Right(r) => IO.println(r)
})

The result on the right is the corresponding OAuthToken.

See the API doc for full reference.

As you can see, a few features of the authorization endpoint are missing.

As a result, if you’d like to see a feature supported, feel free to create an issue and/or a pull request!