diff --git a/internal/githubclient/client.go b/internal/githubclient/client.go index a6d9bed..1a16d7c 100644 --- a/internal/githubclient/client.go +++ b/internal/githubclient/client.go @@ -1,13 +1,12 @@ package githubclient import ( + "context" "crypto/rsa" "crypto/x509" - "encoding/json" "encoding/pem" "errors" "fmt" - "io" "net/http" "strconv" "time" @@ -96,36 +95,44 @@ func generateAppJWT(appID string, issuedAt time.Time, privateKeyPEM []byte) (str } func getInstallationAccessToken(baseURL, appJWT, installationID string) (string, error) { - url := fmt.Sprintf("%s/app/installations/%s/access_tokens", baseURL, installationID) + tc := &http.Client{ + Transport: &jwtTransport{ + token: appJWT, + rt: http.DefaultTransport, + }, + Timeout: 30 * time.Second, + } - req, err := http.NewRequest("POST", url, nil) + client, err := github.NewClient(tc).WithEnterpriseURLs(baseURL, baseURL) if err != nil { - return "", fmt.Errorf("failed to create request: %v", err) + return "", fmt.Errorf("failed to create github client: %v", err) } - req.Header.Set("Authorization", "Bearer "+appJWT) - req.Header.Set("Accept", "application/vnd.github.v3+json") - req.Header.Set("User-Agent", "terraform-provider-kw-github") - - client := &http.Client{Timeout: 30 * time.Second} - resp, err := client.Do(req) + installationIDInt, err := strconv.ParseInt(installationID, 10, 64) if err != nil { - return "", fmt.Errorf("failed to make request: %v", err) + return "", fmt.Errorf("invalid installation ID: %v", err) } - defer resp.Body.Close() - if resp.StatusCode != http.StatusCreated { - body, _ := io.ReadAll(resp.Body) - return "", fmt.Errorf("failed to get access token: %s - %s", resp.Status, string(body)) + token, _, err := client.Apps.CreateInstallationToken( + context.Background(), + installationIDInt, + &github.InstallationTokenOptions{}, + ) + if err != nil { + return "", fmt.Errorf("failed to create installation token: %v", err) } - var tokenResp struct { - Token string `json:"token"` - } + return token.GetToken(), nil +} - if err := json.NewDecoder(resp.Body).Decode(&tokenResp); err != nil { - return "", fmt.Errorf("failed to decode response: %v", err) - } +type jwtTransport struct { + token string + rt http.RoundTripper +} - return tokenResp.Token, nil +func (t *jwtTransport) RoundTrip(req *http.Request) (*http.Response, error) { + req.Header.Set("Authorization", "Bearer "+t.token) + req.Header.Set("Accept", "application/vnd.github.v3+json") + req.Header.Set("User-Agent", "terraform-provider-kw-github") + return t.rt.RoundTrip(req) }