I'm trying to use PHP/cURL to connect to a private GitHub repo I created and pull down files from that repo.
I fundamentally understand how to make cURL requests in PHP, how to send over headers in the request, etc. I'm also fine with the basic structure of the GitHub API for grabbing files, etc. For example, I understand the basic request structure for the following API page:
https://developer.github.com/v3/repos/contents/
However, where I'm struggling is with things like the authentication outlined on the following page:
https://developer.github.com/v3/#authentication
How do I get an Oauth 2 token? There's no real explanation on the page or any of the related documentation.
Also, I'm assuming that I probably need some special kind of key (maybe it's the token) to prove that I have authorized access to the private repo I'm trying to access, but I'm not sure what to do for that either.
If I can get the token (and possibly the API key for the private repo as well), then I think I can make the requests and do what I need to do, but the token generation/usage process is very unclear.
Can someone please provide some guidance on how to approach this?
Thank you.
Edit/Answer:
Thanks again to Adolfo Eloy in explaining how to do this.
Based on his advice, I ended up going to my profile settings, clicking on Developer settings, Personal access tokens, Generate new token, and then clicking the top checkbox for repo to get full rights to the private repos.
After doing that, I copied the generated access key and pasted it into Postman as follows:
I added a new header with the key Authorization and a value of token generated-token-string.
I then made a request to the following URL:
https://api.github.com/repos/user-name/repo-name
From there, I was able to use the GitHub API (https://developer.github.com/v3/) to get what I needed.
Hopefully this will help anyone else stuck in the same situation.
First of all you need to visit GitHub developers so you can register an OAuth2 application. Then you have to fill the registering form with your app info such as the name and the url of your application. The most important field now is the Authorization callback URL. This URL will be used by GitHub to redirect you (or the user of your application) to your previously registered application.
After filling all the fields, click on Register Application and GitHub will provide client credentials which will be the client_id and client_secret values.
Copy these credentials to assemble an Authorization URL to start requesting for an access token. Take a look at the authorization URL that I have built below (in my case I am using a client_id identified by daaaaaa75d1c77526e9 - and of course I think this client ID does not exists).
https://github.com/login/oauth/authorize?client_id=daaaaaa75d1c77526e9
&scope=gist&state=xdfads2342&allow_signup=false
&redirect_uri=http://localhost:8080/callback
The parameters sent are detailed as follows:
If the authorization phase runs successfuly, then the following URL might appear on your web browser (with different values for code and state):
http://localhost:8080/callback?code=24234324324234&state=xdfads2342
Now, all you have to do is to request an access token by sending a POST request to /login/oauth/access_token endpoint using a cURL tool as presented bellow:
curl -X POST "https://github.com/login/oauth/access_token"
-d "client_id=daaaaaa75d1c77526e9&client_secret=blablablabla
&code=24234324324234&state=xdfads2342
&redirect_uri=http://localhost:8080/callback"
Then you should receive the following result on your terminal (with a different access token of course):
access_token=23424234234324324lkj23l4kj32&scope=gist&token_type=bearer
Now, to use this access token you have to declare the http header as follows:
curl -H "Authorization: Bearer 23424234234324324lkj23l4kj32" "http://api.github.com/gists/public"