FilesExpand file tree

 main

/

github.js

Copy path

Blame

More file actions

Blame

More file actions

Latest commit

 

History

History

History

204 lines (173 loc) · 4.38 KB

 main

/

github.js

Top

File metadata and controls

• Code
• Blame

204 lines (173 loc) · 4.38 KB

Raw

Copy raw file

Download raw file

Open symbols panel

Edit and raw actions

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79

80

81

82

83

84

85

86

87

88

89

90

91

92

93

94

95

96

97

98

99

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

/**

* GitHub App 인증 및 API 유틸리티

*/

import { GITHUB_USER_AGENT, GITHUB_ACCEPT_HEADER } from "./constants.js";

/**

* GitHub API 요청 헤더 생성

*/

export function getGitHubHeaders(token) {

return {

Authorization: `Bearer ${token}`,

Accept: GITHUB_ACCEPT_HEADER,

"User-Agent": GITHUB_USER_AGENT,

};

}

/**

* content_node_id로부터 PR 정보 조회 (GraphQL)

*/

export async function getPRInfoFromNodeId(nodeId, token) {

const query = `

query($nodeId: ID!) {

node(id: $nodeId) {

... on PullRequest {

number

repository {

owner {

login

}

name

}

}

}

}

`;

const response = await fetch("https://api.github.com/graphql", {

method: "POST",

headers: getGitHubHeaders(token),

body: JSON.stringify({

query,

variables: { nodeId },

}),

});

const result = await response.json();

if (result.errors) {

throw new Error(`GraphQL error: ${JSON.stringify(result.errors)}`);

}

const prData = result.data?.node;

if (!prData) {

return null;

}

return {

number: prData.number,

owner: prData.repository.owner.login,

repo: prData.repository.name,

};

}

/**

* GitHub App Installation Token 발급

*/

export async function generateGitHubAppToken(env) {

// JWT 생성

const jwt = await createJWT(env.APP_ID, env.PRIVATE_KEY);

// Installation ID 조회

const installationsResponse = await fetch(

"https://api.github.com/app/installations",

{

headers: {

Authorization: `Bearer ${jwt}`,

Accept: "application/vnd.github+json",

"User-Agent": "DaleStudy-GitHub-App",

},

}

);

const installations = await installationsResponse.json();

const installation = installations.find(

(inst) => inst.account.login === "DaleStudy"

);

if (!installation) {

throw new Error("DaleStudy installation not found");

}

// Installation Token 생성

const tokenResponse = await fetch(

`https://api.github.com/app/installations/${installation.id}/access_tokens`,

{

method: "POST",

headers: {

Authorization: `Bearer ${jwt}`,

Accept: "application/vnd.github+json",

"User-Agent": "DaleStudy-GitHub-App",

},

}

);

const tokenData = await tokenResponse.json();

if (!tokenData.token) {

throw new Error(`Failed to get token: ${JSON.stringify(tokenData)}`);

}

return tokenData.token;

}

/**

* JWT 생성 (RS256)

*/

async function createJWT(appId, privateKeyPem) {

const now = Math.floor(Date.now() / 1000);

const header = {

alg: "RS256",

typ: "JWT",

};

const payload = {

iat: now - 60,

exp: now + 10 * 60, // 10분

iss: appId,

};

const encodedHeader = base64UrlEncode(JSON.stringify(header));

const encodedPayload = base64UrlEncode(JSON.stringify(payload));

const privateKey = await importPrivateKey(privateKeyPem);

const signature = await sign(

`${encodedHeader}.${encodedPayload}`,

privateKey

);

return `${encodedHeader}.${encodedPayload}.${signature}`;

}

/**

* Private Key import

*/

async function importPrivateKey(pem) {

// PKCS8 또는 PKCS1 형식 지원

const isPKCS8 = pem.includes("BEGIN PRIVATE KEY");

const pemHeader = isPKCS8

? "-----BEGIN PRIVATE KEY-----"

: "-----BEGIN RSA PRIVATE KEY-----";

const pemFooter = isPKCS8

? "-----END PRIVATE KEY-----"

: "-----END RSA PRIVATE KEY-----";

const pemContents = pem

.replace(pemHeader, "")

.replace(pemFooter, "")

.replace(/\s/g, "");

const binaryDer = Uint8Array.from(atob(pemContents), (c) => c.charCodeAt(0));

return await crypto.subtle.importKey(

"pkcs8",

binaryDer,

{

name: "RSASSA-PKCS1-v1_5",

hash: "SHA-256",

},

false,

["sign"]

);

}

/**

* Sign with RS256

*/

async function sign(data, key) {

const signature = await crypto.subtle.sign(

"RSASSA-PKCS1-v1_5",

key,

new TextEncoder().encode(data)

);

return base64UrlEncode(new Uint8Array(signature));

}

/**

* Base64 URL encode

*/

function base64UrlEncode(data) {

if (typeof data === "string") {

data = new TextEncoder().encode(data);

}

let binary = "";

const bytes = new Uint8Array(data);

for (let i = 0; i < bytes.byteLength; i++) {

binary += String.fromCharCode(bytes[i]);

}

return btoa(binary).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "");

}