fixed bot安装仓库列表必须使用access_tokens获取到bot的token才能查询

This commit is contained in:
xxq250 2023-04-04 17:38:48 +08:00
parent 04c30be5a6
commit 80fa5330b2
3 changed files with 71 additions and 25 deletions

View File

@ -18,7 +18,10 @@ class InstallationsController < ApplicationController
def repositories def repositories
# 与github差异所以取安装用户和bot对应所有的仓库 # 与github差异所以取安装用户和bot对应所有的仓库
@install_bots = BotInstall.where(bot_id: get_bot_id).where(installer_id: params[:id]) # 必须使用access_tokens获取到bot的token才能查询
tip_exception "Token无效" if current_user.platform != "bot"
bot = Bot.find_by(uid: current_user.id)
@install_bots = BotInstall.where(bot_id: bot.id).where(installer_id: params[:id])
end end
def update_secret def update_secret

32
test/jwt_github_test.rb Normal file
View File

@ -0,0 +1,32 @@
require 'openssl'
require 'jwt' # https://rubygems.org/gems/jwt
# Private key contents
private_pem = File.read("/Users/xxq/Documents/gitlink-webhook.2022-06-09.private-key.pem")
private_key = OpenSSL::PKey::RSA.new(private_pem)
# Generate the JWT
payload = {
# issued at time, 60 seconds in the past to allow for clock drift
iat: Time.now.to_i - 60,
# JWT expiration time (10 minute maximum)
exp: Time.now.to_i + (10 * 60),
# GitHub App's identifier
iss: "209248"
}
jwt = JWT.encode(payload, private_key, "RS256")
puts jwt
# puts OpenSSL::PKey::RSA.new(private_key33).public_key.to_s
#
# rsa_private = OpenSSL::PKey::RSA.new(private_key33)
# rsa_public = rsa_private.public_key
#
#
# puts decoded_token[0]
# puts decoded_token[0]["iss"]
# serialized_private_key = OpenSSL::PKey::RSA::generate(2048).to_s

View File

@ -2,12 +2,35 @@ require 'openssl'
require 'jwt' # https://rubygems.org/gems/jwt require 'jwt' # https://rubygems.org/gems/jwt
# Private key contents # Private key contents
private_pem = File.read("/Users/xxq/Documents/gitlink-webhook.2022-06-09.private-key.pem") # private_pem = File.read("/Users/xxq/Documents/gitlink-webhook.2022-06-09.private-key.pem")
private_pem = "-----BEGIN RSA PRIVATE KEY-----
private_key22="-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEApOebWmRV/ooNq5Ks04YnDU7pEezGShGvaiF0cIvn9jvmYHu0\nFialojvJV3VpB6xE6QBPXZ0Pi1lokZ9dMx8F5UWNx9WA7wf7xK3hAJLNml+GeewF\nou8vk/Ry7n6diLxETNVd7YzPvztn5qaMp/DXa+65i11H8a/XXqR7kCVnCevVlufh\nNr/Dp6dW31W8TInnDQasJFMZ8GY7f+tCwLXNc0M8p+TeDp9xmXHOrEB+S/mgbUOF\nXgRr6icbMmlT9bsAxYHrrDkcVxJhs0hq5vD3BaoK06gcZEnN7/HVNzgVSOYNsVNh\n9006cMgDSOwc9F8aulP7cr8k74INq1xswoGs9wIDAQABAoIBAHayc2NkF3YJXv+h\nqx7yUEfHBgKuAKiuBCqLfCnKuqPFx/So9h5/oPeeuzVlwL0SJePlIjuK4vZ128v9\n/vLeILtADmbJ6m2jvHh8hBmKkc3Ndplp50C5k/CWoufCYZhbk3oOlvZ3Rc4rb4VZ\nWqNDu3voMMv8z91KqeZo1LwUAA/l9mU++zLkRA6qOuWGBJFsM8YpshzxL5lzRUb3\n7y+YJDyUZztfzKwr6pqm1n9B2e6e+znCw1vMZXp2TbUrpvrrXSxlgdNuK68SkZX6\nTdZUD8y0viwaioRVf3vR+e/Bf7yZannGdvcmVGs0A7dq9QgHkakqNHiRkQgwviSq\nbjBo7dECgYEAzekeP5j/dAPkv9X4qnmZ4du/+ZgrQrJckDD/JuNIBmQT9m286l4P\nmb2TBcWkswVOZaS5Qy2bN/69rwIbcdvbaROGBCabn3ATK4fSzmUk31M2rRKYZqaU\nMi0W2g2YtSRg+bV6S7aFXa98j5+JlqJeDZQoRuvL68ooq5WzFWmfYnkCgYEAzQTi\n4USqz2z66BfU+v2rchzK8URxnv7EW/CG3XFRsG+1UXCyEIct2L7rzvC7r7+jjS4s\ngmV3Civ1sckGMwikLzxFtUZ1LUBakZp/mmipIzxcHOeBsRdHei8BFvMNqveg1JpO\ncY/Fp+wEkSNLhfkb/IXRw0iwFalBRnyo4BJbLu8CgYBrQ7E6OB169jxHotNzGv2K\npssO3rJKgFev1ZZVT7jJe4Dasrfi7zT5RcQ9EYSGrZD1aiYIVM2zEcUGUfayDXHy\n/vSlXOdc2ylhV9P9KLtYiyTEbBdwAf7ZVJu+465VTqol6t/WaTJ4Z15gAx/NlK+i\nKzgAGf2Uyy78k3NDCE67IQKBgFwM0pUUEKEbLDhi4uRiWsTcep4C/gTGHIGvJ85r\nH6NZNI7BS6GyH/qOFjAO1CYfpB4yWhed2Om/PQw61sa5HYZ7yEyQuvG7UC7JsHsy\nfKZuZmkv5IIPkq8gRZv5OuzFS/fI5GmGhNdVV+OWdkVLyK4Do1/L1guTt9QfCm+4\nrioPAoGBALGr8aUAbz/A611M/bLnk04UYfV+M34/hCf6/rKiBHdQoIHOriSC9Nv7\nyhE5axTdmIWMxfbyb3vHJ5MizZkD/Qj0VDuMkyS2+3TepI6tySQE3YQeWnCMJI9i\nuoCZ31GBui4+W5udbx8NOVsJfXUQn/OAoOn6WuMNPdgB45KXcktj\n-----END RSA PRIVATE KEY-----\n" MIIEowIBAAKCAQEAy3rJwhzC9K5f4Rc6KwYQKvdsUsbzrKdENBCjGq0kZ8LJltw+
private_key33= "-----BEGIN RSA PRIVATE KEY-----\nMIIEogIBAAKCAQEAq/wUH8N+5fzj3hArKY7ChC591R/uKyeNM/BbsR2OGxO5F1CE\nozy6thtPult96Gm9oK3sMpLdYCze2YgozgteFO1Ft0o1GEJ1A4SinOKzeixLpFy0\n5N9t+iz7Xa7jC/1E3uy/s2WvSYCS9NnK2Uj3DQOH8BUWfkvyTtt91a2pplbPCV3T\nw1PykAcDWIFXVJJCMtYd2x+DukSWKHRsYbBCMtVZhEVuKmTE3FBTDVu9sN3b7uLL\n5RzHUg13QZZr9OvMNR3nUZl6yDxw+wD4anDrtpL9C+tFjhMyqsyYpYWwcJm65YiD\ny7Ps24IdcLB4iOxJE91fu+MnicvyBrtEjoBP/wIDAQABAoIBAAcKc9x1CW3q8300\n1j+GS6pTqO0fuIVlwh8dOPPATQAIx6wPrM5t/wrThWkQs8/e/Fdmp2POpWd5jsoD\nDACbcIeUyyTc0d2jYtz5AhtAIK7gv1wEO5efGgaC7ut/7GWiQb6KnLKAeDOfIuUJ\nQYexuAN9YIRQqLIU89+MltM3n9liZTMuPWRFJcitaDytXa10TCe5RUqHGZf49pi7\njCgk0x7jDYqbIzsqOu741P8My/gkAjKPkRnjaj3o6MrwHzIlc4t/6mKbaPnywywk\n6roYMqmytgueA9wxFcj74ekBQAaXsu4xRkbZXxjcBtIvTId5IHHK5Z/r3fgE9K3J\nOuzzJ1kCgYEA3uu/pUjJbKegOsgSdu3cO/NvRV2YsRD4NUgtiMCEakE4VQXRK5pf\nV8xqQeH/rLjZf5aP5xe8n25krh/c+m0ezOMyu5MmhoxaWCPWIezsaKJXOcvsOxIu\n2sJ9GRMXabyuDuSdL7ZGYMpLhRclXYLyPCz7wzN445IluTHuD3lJ2qUCgYEAxYFh\ncVD73yNZn9BN1DSGWpfPtLqOKIdG+xi/ypCSGpJG0QCJRFi7R1qJOxFtJNI8DRiD\nZapPEGLVd/KY5NzBGZBfNQt4DQH9qR4l43c6NNkisWA9rvXvCDqXKmBq7wfpnkYr\n4Ul2hXYmsPJjP8e0BfG54PaSu3BDBMJMtcgDktMCgYBvzyDdnwdgVyc3tHgGbMFk\n1HHAAfT/ArrrxpsIFz+TJ8lAY92JGDGwENhO2TLrCAAXTYY5657w/GbFKzgj5y1m\nqKIekOzm2WjLApZ5h6L/zEUhuRVwf2s+0AP82qWIpFlNIP9yGeNs0qpUQ8q6/13O\nLuXL/3on8nq3S8LSwgv3/QKBgDfM+g7d5ouAnU29uH9/54Wo5pIVMxzYO4Gt2GIO\nvnirYz6hfCbHOwJJ3gPGRKPmkfjROC59E6F5iv48mF3w0M28MGn4N47VRSmGzwWZ\nJeTQhDDBFCxeZ45Xn2Xln9Cw15xUDwmzi7zhSMUtdkUK0x3q0a1xfLtgWE775lhl\njjzpAoGAdUXFW1elfjXpfIYZf7vUV7MPquKL7qAcopd96XBszhOn7g+ibzem+wgt\n1UTSeOBESYANHeJk2MuWPSRXk/FlQETVIcPAEp0kxbwQE+7YEdrMVeDcIe5lPwGD\n+WuS3kg0MPgUrXZXn74gcwWmSIOyHfqXULqOxWE25uU2icdV+2w=\n-----END RSA PRIVATE KEY-----\n" TRuLVp0hwrWXS9msadjBnzatYneBrqnggj87pU0Mf/f6KkTmIsFH2gDKNMN6hRg/
private_key = OpenSSL::PKey::RSA.new(private_key33) JW5XXveexGa9dZIQHPKOmp9dC+YpLHOPRO0NsYJM/JoQ4rWRhtMvq0zR/fJDuXyt
# puts private_key.to_json xLehfH4N4ppVbdRGaK+FIKNCjHTmL/3jZ0b2J9D4Al9R5QWlEmRPa4ZFCOZNUMXK
nplNu2FE/ZjyKjE+f0MAn8hcSVR25XiQZ6StnxdyPvhXYNNU7yVJGTfCK/oTchTr
Tfk4bKIkct38datffjlhKM45VabhUfIStNr5uwIDAQABAoIBADSMgGBmBx8jjVVX
J0mHJlPCVDJIeROkmuOLTGQORPGbB26zcE9/houWxuo+9VS8YV9wgAh7GWntjQsr
ifR5GhFFha3iv7N82aYuHj05qP7ZYOHQcjZbearn7hOwqMsdLpYbOiLKd0Akb4uw
SFa3laq7CODPdP7nfy6/iXcGvtCC84E8XwDuUcFbzX8lLq0UI6HvdnySYOvglO3P
txqr76dc61nLEIu945uVKndzu65sWRfC397JG+hgYFUwikbiFPAVVH4jsiCzMAW0
oaTp6zQiE+h7HTGGHhnxFmnynmuq01E+wfxNvf8NHteBIMJA8g/gGHdpp+8E85V7
bcF8+fECgYEA5cs8nZHfrTdjqZB6vgY1sCVsuuHtmEACu3zbJu9dr21ps6bomnDW
Lw9Dx4tYSHPcL3zlu913qvXCnXsUGtjKeIVTHCdnwCnDTEam6GsDZab9zcmJ8Gkn
wqsjr/Cy7pjwxqT3nFRUGaJmrFUUfPQuNmSYWQbRiRIQirGY2JlZLvMCgYEA4q9Q
j8cwq5i1blWuyam8bx3efHBHMiMpJL/clc03//ddpsiae8GXZgRySJx9YPAYS+X/
ApVfnB/en+xidCIg8P2rRjRW/GgW3Y6rjLUMIFMD/0ObezX/dp2AVHUdOdlZ7z+k
4Ba8TZ8u5sfUO7USTxFl+fextLdBDSetOw/GDBkCgYAsYSjuwYpyWJ0t1VJvOqHJ
yCCMoy+Q1OPyM7XbeiUcyUO9x4FquloTMp6DfjzpmT6wCS4RLz96TAZvBaMnYDES
P6WCbXXTHf2y0H5RqsE4M50WzlKOlLByHz1AMHtOK0ltA9UyYvLvFHdB1xii3UHD
jYACyZdUIqIBNzVut4cK0wKBgBNbHOnp/EHqvDM7pb0afTiPuFuvyqSBVBYLO+6e
o1V77cc8AdTnZuITJx8EHcCVP73bWbcCwjM2lW/aY12/PEjXoDRSa8sJqEoq0IMn
Qm3QKNs3DqOqrLGYKUkM5v31jTRcnttzlYibOwoBriGbCIEv3yFFASuJKkjRRn1w
j1yhAoGBALqwZzRAle7t2jEWOyLaJeHUoSiZJv5dHOMRog7k5H24uTEKf3JCovQO
wZd4cIA4oXD/3b5cK3H2e5YjhBunsMRhRBLgz8FD4y69cKxbcgPvtjhkwYRB0/cy
21dHe2o7HfuZgUuh0kOlT0e326gQPIIlwuCBEAq6LzWrg8nd9Loz
-----END RSA PRIVATE KEY-----"
private_key = OpenSSL::PKey::RSA.new(private_pem)
# Generate the JWT # Generate the JWT
payload = { payload = {
@ -16,27 +39,15 @@ payload = {
# JWT expiration time (10 minute maximum) # JWT expiration time (10 minute maximum)
exp: Time.now.to_i + (10 * 60), exp: Time.now.to_i + (10 * 60),
# GitHub App's identifier # GitHub App's identifier
iss: "782" iss: "803"
} }
jwt = JWT.encode(payload, private_key, "RS256") jwt = JWT.encode(payload, private_key, "RS256")
puts jwt puts jwt
# puts OpenSSL::PKey::RSA.new(private_key33).public_key.to_s
#
rsa_private = OpenSSL::PKey::RSA.new(private_key33) decoded_token = JWT.decode "eyJhbGciOiJSUzI1NiJ9.eyJpYXQiOjE2ODA1OTkzNDAsImV4cCI6MTY4MDYwMDAwMCwiaXNzIjoiODAzIn0.wOCCMVbrulTVCIKDvmLtxCkTLtWJMGmY2mIZgfdJcKcixqZek1y_9YD7wF07wqP6qTjQaNiSDjdJSDGzO_Qi3qQT_2BaR6EWBUIcbaNz5GTHKLcOW4SFWj13OFJwjom6egz489b6qA3MPXmliWYR6F5zlLu1jlXjaWVvUZAy0AuAdmWiSocdjurt_giEIDefiRcPu_NbccWG-mAwa9wV9ja2PoZUJyHlzXR6rioLIO1rtw5bIX3E4YNPde9EkEK1eYLmedmhKfwlgX2CgdGodSHPg5Vro09XWiGaJkBwoi1T41BLVsb5hxqQc3DLrz1ZFFY1vXEkxIw4BIXitpk3kg", nil, false
rsa_public = rsa_private.public_key puts decoded_token
puts Time.now.to_i - 60 - decoded_token[0]["exp"].to_i > 0
# decoded_token = JWT.decode jwt, nil, false
begin
decoded_token = JWT.decode jwt, rsa_private, true, { algorithm: 'RS256' }
rescue JWT::DecodeError
puts "jwt is not mmmmmm"
end
#
puts decoded_token[0]
puts decoded_token[0]["iss"]
# serialized_private_key = OpenSSL::PKey::RSA::generate(2048).to_s