GitHubAuth 1.0.2

dotnet add package GitHubAuth --version 1.0.2                
NuGet\Install-Package GitHubAuth -Version 1.0.2                
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="GitHubAuth" Version="1.0.2" />                
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add GitHubAuth --version 1.0.2                
#r "nuget: GitHubAuth, 1.0.2"                
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
// Install GitHubAuth as a Cake Addin
#addin nuget:?package=GitHubAuth&version=1.0.2

// Install GitHubAuth as a Cake Tool
#tool nuget:?package=GitHubAuth&version=1.0.2                

GitHub Authentication .NET

nuget GitHub release NuGet license

The GitHub Authentication is a library that provides classes to facilitate the authentication process to the GitHub REST API.

It contains the fastest way to generate a JWT (JSON Web Token), which is a pre-requisite when authenticating to the GitHub REST API as an Application or an Application Installation.

This library has no dependencies. It is compatible with net6.0 and beyond.

Refer to the API Documentation to have a better understanding of each class and how to use it.

Generating a JWT (JSON Web Token)

In order to generate a JWT, the first thing necessary is a private key. You can generate the private key on GitHub. Check this document for more information.

The token will be in a file with the PEM extension. Store it in a location that your software can access.

For security reasons, never store the PEM file in the repository, even if it is a private repository. Also, never store it in a configuration file.

The simplest way to generate a token is:

// Assuming the application ID is 123456 (you can obtain your application ID in GitHub)
var jwt = new GitHubJwtWithRS256("path/to/pem_file.pem", "123456");
var token = jwt.Token;

The Token property returns the token to be used in the Request Header. Everytime you call the Token property, it will evaluate if the token needs renewal. If it does, then it will automatically renew it.

The JWT used for authenticate with the GitHub REST API needs a header and a payload, which is encrypted using the SHA256 hash algorithm, and signed using RS256.

The token is comprised of a header, a payload, and the signature. Both the header and payload are encoded with Base64Url.

The formula would then be Base64Url(header).Base64Url(payload).signature.

The header should have the algorithm and the type of token.

{
  "typ": "JWT",
  "alg": "RS256"
}

The header is represented by the GitHubJwtHeader class.

Payload

The payload should contain the following claims:

{
  "iat": 1651363200,
  "exp": 1651363800,
  "iss": "123456"
}
Claim Description Property Name
iat The time when the token was issued at GitHubJwtPayload.IssuedAt
exp The time when the token expires. Usually a token for a GitHub REST API cannot last more than 10 minutes. GitHubJwtPayload.ExpiresAt
iss The ID of the GitHub Application to authenticate GitHubJwtPayload.Issuer

The time is calculated using the number of seconds since January 1st 1970 (also known as Epoch).

The payload is represented by the GitHubJwtPayload class. The fields IssuedAt and ExpiresAt are stored as DateTime fields, however, when the JSON is generated, the system automatically converts the DateTime value into the proper numeric value, as expected by the API.

Authenticating with the AppAuthenticator

This library contains the class AppAuthenticator to facilitate the authentication process. It exposes methods to perform the authentication process and retrieve the necessary authentication data..

Method Purpose
GetToken() This method will return the JWT to be used to authenticate as a GitHub App
GetToken<T>(T input) This method will authenticate as a GitHub App Installation, based on the given input, and return the token

Users can retrieve the token any time by calling the GetToken<T>(T input) method. It automatically renews the token if necessary.

// Assuming the application ID is 123456 (you can obtain your application ID in GitHub)
var jwt = new GitHubJwtWithRS256("path/to/pem_file.pem", "123456");
var authenticator = new AppAuthenticator(jwt);

// Assuming the App Installation ID is 350000
var appInstallationId = 350000;
var authData = authenticator.GetToken(appInstallationId);

Console.WriteLine(authData.Token);  // this will print the token
Console.WriteLine(authData.Mode);   // this will print wether to use 'Token' or 'Bearer'

Benchmarks

The method to generate the JWT in this library is very simplified and optimized. Comparing it with another Nuget package yielded the following results:

Method Mean Error StdDev Rank Gen0 Gen1 Allocated
TokenWithGitHubAuth 1.921 ms 0.0081 ms 0.0075 ms 1 3.9063 - 29.83 KB
TokenWithGitHubJwt 2.514 ms 0.0164 ms 0.0146 ms 2 70.3125 3.9063 329.65 KB

The comparison was made using the BenchmarkDotNet library

Product Compatible and additional computed target framework versions.
.NET net6.0 is compatible.  net6.0-android was computed.  net6.0-ios was computed.  net6.0-maccatalyst was computed.  net6.0-macos was computed.  net6.0-tvos was computed.  net6.0-windows was computed.  net7.0 is compatible.  net7.0-android was computed.  net7.0-ios was computed.  net7.0-maccatalyst was computed.  net7.0-macos was computed.  net7.0-tvos was computed.  net7.0-windows was computed.  net8.0 was computed.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed.  net9.0 was computed.  net9.0-android was computed.  net9.0-browser was computed.  net9.0-ios was computed.  net9.0-maccatalyst was computed.  net9.0-macos was computed.  net9.0-tvos was computed.  net9.0-windows was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.
  • net6.0

    • No dependencies.
  • net7.0

    • No dependencies.

NuGet packages (1)

Showing the top 1 NuGet packages that depend on GitHubAuth:

Package Downloads
GitHubApps

A framework to facilitate the creation of GitHub Apps using .NET

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last updated
1.0.2 5,014 11/10/2023
1.0.2-preview.1 73 11/10/2023
1.0.1 145 11/10/2023
1.0.0 179 10/29/2023