无法检索用户的范围：GitHub API 上的 email

Question

I am using node-fetch retrieve an OAuth2 token from an OAuth2 GitHub App. The token returned works, I am able to retrieve user information from "https://api.github.com/user". I also need the email, which requires a call to https://api.github.com/user/emails [0]

This needs a scope of user:email which I set as a param:

app.get('/getAccessToken', async function (req, res) {
    const params = "?client_id=" + CLIENT_ID + "&client_secret=" + CLIENT_SECRET + "&code=" + req.query.code + "&scope=user:email";

    await fetch("https://github.com/login/oauth/access_token" + params, {
        method: "POST",
        headers: {
            "Accept": "application/json"
        }
    }).then((response) => {
        return response.json();
    }).then(data => {
        res.json(data);
    });
});

The problem is that the scope is not set:

I tried setting in the header, but still no joy:

headers: {
            "Accept": "application/json",
            "X-OAuth-Scopes": "user:email"
        }

The result of this, is the API returns a 404 which is indicative of an auth permission:

{
  message: 'Not Found',
  documentation_url: 'https://docs.github.com/rest/reference/users#list-email-addresses-for-the-authenticated-user'
}

I don't see how it can be this though, as I can access other private resources such as a private repo.

I thought it might be a permissions thing, so had a look around the OAuth2 App section, where I configured my app, but there is no place to declare scopes required

[0] https://docs.github.com/en/rest/users/emails?apiVersion=2022-11-28#list-email-addresses-for-the-authenticated-user

Answer 1

Following the documentation , using the Github SDK , you can find an example of get request to /user , the object in the response contains, among other information, the email.

 const octokit = new Octokit({ auth: 'YOUR-TOKEN' }) await octokit.request('GET /user', {})

I hope this helps!