Skip to content

Commit 2878d26

Browse files
acrobatacrobat
authored
Merge pull request #711 from TVke/update-security-docs
Add more clearity about variables
2 parents d94da3d + 6fbcd18 commit 2878d26

File tree

1 file changed

+5
-2
lines changed

1 file changed

+5
-2
lines changed

doc/security.md

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -23,7 +23,7 @@ and guess what should contain `$password`. The `$method` can contain one of the
2323

2424
The required value of `$password` depends on the chosen `$method`. For `Github\Client::AUTH_URL_TOKEN`,
2525
`Github\Client::AUTH_HTTP_TOKEN` and `Github\Client::JWT` methods you should provide the API token in
26-
`$username` variable (`$password` is omitted in this particular case). For the
26+
`$usernameOrToken` variable (`$password` is omitted in this particular case). For the
2727
`Github\Client::AUTH_HTTP_PASSWORD`, you should provide the password of the account. When using `Github\Client::AUTH_URL_CLIENT_ID`
2828
`$usernameOrToken` should contain your client ID, and `$password` should contain client secret.
2929

@@ -47,7 +47,7 @@ Note however that GitHub describes this method as deprecated. In most case you s
4747

4848
To authenticate as an integration you need to supply a JSON Web Token with `Github\Client::AUTH_JWT` to request
4949
and installation access token which is then usable with `Github\Client::AUTH_HTTP_TOKEN`. [Github´s integration
50-
authentication docs](https://developer.github.com/early-access/integrations/authentication/) describe the flow in detail.
50+
authentication docs](https://developer.github.com/apps/building-github-apps/authentication-options-for-github-apps/#authenticating-as-a-github-app) describe the flow in detail.
5151
It´s important for integration requests to use the custom Accept header `application/vnd.github.machine-man-preview`.
5252

5353
The following sample code authenticates as an installation using [lcobucci/jwt](https://github.com/lcobucci/jwt/tree/3.2.0)
@@ -74,3 +74,6 @@ $github->authenticate($jwt, null, Github\Client::AUTH_JWT);
7474
$token = $github->api('apps')->createInstallationToken($installationId);
7575
$github->authenticate($token['token'], null, Github\Client::AUTH_HTTP_TOKEN);
7676
```
77+
78+
The `$integrationId` you can find in the about section of your github app.
79+
The `$installationId` you can find by installing the app and using the id in the url.

0 commit comments

Comments
 (0)