I've been trying to make the ability to download a private release from a private website for a client.
Using Node.JS I can use my personal access token to request all the releases, and importantly all the assets inside of that. Download URL works well but still requires the user to be logged into Github.com to access the file.
Request made on my Node API, which is then served to the frontend (to hide the Personal Access Token.)
const {data} = await axios.get("https://api.github.com/repos/<company>/<repo>/releases", {
auth: {
username: 'LukeXF',
password: '<key>'
}
})
So, I'm either:
Results so far:
I can't seem to get the GitHub URL to support inline authentication eg https://github.com/<company>/<repo>/releases/download/${asset}?accessToken=<key>
, which I didn't expect to work anyway, and also is a security vulnerability exposing the token like that.
Using the Node API as a middle man, I've got it working in parts, but can't seem to get the encoding or user agent working correct, or there are issues with the authentication (which is odd because the first request for the JSON file works without issues).
const fullUrl = `https://github.com/<company>/<repo>/releases/download/${asset}`;
const {data} = await axios.get(fullUrl, {
headers: {
'Accept': 'application/octet-stream',
// 'User-Agent': 'request module',
},
// encoding: null,
auth: {
username: 'LukeXF',
password: '<key>'
// token: '<key>'
}
});
Any guidance on downloading private release assets from GitHub through Node.js? I understand if the repo/releases were public then this wouldn't be an issue but it can't be made public. Perhaps I might need to host my repos on another platform I'm using Electron's auto-updater with private GitHub releases already, I just need to make the ability to manual download releases rather than automated.
If you're using a personal token, you can use Authorization
http header to authenticate using the api, see this :
const axios = require("axios");
const key = "YOUR_TOKEN";
(async () => {
//get releases
const { data } = await axios.get(
"https://api.github.com/repos/OWNER/REPO/releases",
{
headers: {
Authorization: `Token ${key}`,
},
}
);
console.log(data);
})();
The following script will download all assets from the latest release and save those assets to local files:
const axios = require("axios");
const fs = require("fs");
const key = "YOUR_TOKEN";
const authHeaders = {
Authorization: `Token ${key}`,
};
const repoWithOwner = "bertrandmartel/test-repo";
(async () => {
//get latest release
var response = await axios.get(
`https://api.github.com/repos/${repoWithOwner}/releases/latest`,
{
headers: authHeaders,
}
);
var assets = response.data.assets;
for (var i = 0; i < assets.length; i++) {
console.log(assets[i].url);
response = await axios({
method: "get",
url: assets[i].url,
responseType: "stream",
headers: {
Accept: "application/octet-stream",
...authHeaders,
},
});
response.data.pipe(fs.createWriteStream(assets[i].name)); //write asset to file
}
})();
Also, there is octokit github client for JS
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.