Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Working with two-factor authentication #450

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Working with two-factor authentication #450

wants to merge 1 commit into from

Conversation

ddimitrioglo
Copy link

As mentioned in github API:

In addition to the Basic Authentication credentials, you must send the user's authentication code (i.e., one-time password) in the X-GitHub-OTP header.

And we will be able to use it like this:

const github = new GitHub({
    username: 'ddimitrioglo',
    password: 'xxxxxxxxxxxx',
    otp: '888999' // <= One-Time-Password
});

let me = github.getUser();

me.listRepos((err, repos) => {
    console.log(repos);
});

As mentioned in github API:
```
In addition to the Basic Authentication credentials, you must send the user's authentication code (i.e., one-time password) in the X-GitHub-OTP header.
```
And we will be able to use it like this:

```
const github = new GitHub({
    username: 'ddimitrioglo',
    password: 'xxxxxxxxxxxx',
    otp: '888999' // <= One-Time-Password
});

let me = github.getUser();

me.listRepos((err, repos) => {
    console.log(repos);
});
```
@j-rewerts
Copy link
Member

@clayreimann @CodyGramlich any idea how we would run tests on this? Seems like it may not be doable? Does GitHub provide any service you're aware of that would make testing possible?

@clayreimann
Copy link
Member

clayreimann commented Apr 9, 2019

@j-rewerts I think to add tests for this we'd have to create a test user, set them up with OTP, and then commit the secret/salt/QR code/whatever so that we could use something like [this library][opt-lib] to generate the OTP during tests. (That library is not a specific recommendation, just doing a quick search to see if there is likely to be a library that will work)

Thinking a bit more, we might need to have the configuration specify a callback that returns a current OTP value.

@j-rewerts
Copy link
Member

It seems like it could be possible. I'll sit on this for a bit and try to get something workable together.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants