env variables for credentials and configuration

internal/config/config.go

@@ -41,6 +41,9 @@ type ServerConf struct {
 	GithubClientSecret string `env:"GITHUB_CLIENT_SECRET"`
 	GithubLoginEnabled bool   `env:"GITHUB_LOGIN_ENABLED,default=true"`
 
+	GithubAppClientID     string `env:"GITHUB_APP_CLIENT_ID"`
+	GithubAppClientSecret string `env:"GITHUB_APP_CLIENT_SECRET"`
+
 	GoogleClientID         string `env:"GOOGLE_CLIENT_ID"`
 	GoogleClientSecret     string `env:"GOOGLE_CLIENT_SECRET"`
 	GoogleRestrictedDomain string `env:"GOOGLE_RESTRICTED_DOMAIN"`

server/api/api.go

@@ -81,6 +81,7 @@ type App struct {
 	// oauth-specific clients
 	GithubUserConf    *oauth2.Config
 	GithubProjectConf *oauth2.Config
+	GithubAppConf     *oauth2.Config
 	DOConf            *oauth2.Config
 	GoogleUserConf    *oauth2.Config
 
@@ -177,6 +178,19 @@ func New(conf *AppConfig) (*App, error) {
 		app.Capabilities.GithubLogin = sc.GithubLoginEnabled
 	}
 
+	fmt.Println("Github App Credentials:")
+	fmt.Println(sc.GithubAppClientID)
+	fmt.Println(sc.GithubAppClientSecret)
+
+	if sc.GithubAppClientID != "" && sc.GithubAppClientSecret != "" {
+		app.GithubAppConf = oauth.NewGithubClient(&oauth.Config{
+			ClientID:     sc.GithubAppClientID,
+			ClientSecret: sc.GithubAppClientSecret,
+			Scopes:       []string{},
+			BaseURL:      sc.ServerURL,
+		})
+	}
+
 	if sc.GoogleClientID != "" && sc.GoogleClientSecret != "" {
 		app.Capabilities.GoogleLogin = true
 

server/api/oauth_github_handler.go

@@ -324,11 +324,11 @@ func (app *App) HandleGithubAppOAuthCallback(w http.ResponseWriter, r *http.Requ
 	//	return
 	//}
 
-	token, err := app.GithubProjectConf.Exchange(oauth2.NoContext, r.URL.Query().Get("code"))
-
-	fmt.Println("exchanged token...")
+	token, err := app.GithubAppConf.Exchange(oauth2.NoContext, r.URL.Query().Get("code"))
 
 	if err != nil {
+		fmt.Println("error")
+		fmt.Println(err)
 		http.Error(w, http.StatusText(http.StatusForbidden), http.StatusForbidden)
 		return
 	}