From e843506c31bef06dd662dd4972576a5337356ff0 Mon Sep 17 00:00:00 2001
From: Marti Martz <Martii@users.noreply.github.com>
Date: Tue, 13 Apr 2021 15:37:11 -0600
Subject: [PATCH] Additional dep (#1793)

* Partially migrate to newer dep for GH API
* Adding some error protection, **but not all**, to the GH API deprecation of QSP's. This is probably temporary until a broader fix is implemented. GH importing may have to be disabled after May 5th, 2021... webhooks might be affected if the old (or new) Promise rejection fails. i.e. no more webhooks... but we'll see after the 5th of next month if not addressed.

Applies to #1705

NOTE(S):
* Due to the nature of the dependency with Promises it is currently contrary to the STYLEGUIDE.md See #1556 as is #1729 with ES6+ syntax.
* Doing what I can to avert this chaos but the Code is spread out all over the place.

Auto-merge
---
 README.md            |  7 ++++++-
 libs/githubClient.js | 41 ++++++++++++++++++++++++++++++++++++-----
 package.json         |  1 +
 routes.js            |  2 ++
 4 files changed, 45 insertions(+), 6 deletions(-)

diff --git a/README.md b/README.md
index aae438ca7..0f061f705 100644
--- a/README.md
+++ b/README.md
@@ -85,9 +85,9 @@ Repository | Reference | Recent Version
 [toobusy-js][toobusy-jsGHUrl] <br />&#x22D4; [`harmony`][toobusy-jsGHUrlHarmonyUrl] | [Documentation][toobusy-jsDOCUrl] | [![NPM version][toobusy-jsNPMVersionImage]][toobusy-jsNPMUrl]
 [underscore][underscoreGHUrl] | [Documentation][underscoreDOCUrl] | [![NPM version][underscoreNPMVersionImage]][underscoreNPMUrl]
 [useragent][useragentGHUrl] | [Documentation][useragentDOCUrl] | [![NPM version][useragentNPMVersionImage]][useragentNPMUrl]
+[@octokit/auth-oauth-app][auth-oauth-appUrl] | [Documentation][auth-oauth-appDOCUrl] | [![NPM version][auth-oauth-appNPMVersionImage]][auth-oauth-appNPMUrl]
 [@octokit/rest ᶠᵏᵃ ᵍᶦᵗʰᵘᵇ][githubGHUrl] | [Documentation][githubDOCUrl] | [![NPM version][githubNPMVersionImage]][githubNPMUrl]
 
-
 ##### Static
 
 Repository | Reference | Recent Version | Stored
@@ -478,6 +478,11 @@ Outdated dependencies list can also be achieved with `$ npm outdated`
 [squadaOneDOCUrl]: https://github.com/google/fonts/blob/master/README.md
 [squadaOneGHUrlRecent]: https://github.com/google/fonts/blob/master/ofl/squadaone/SquadaOne-Regular.ttf
 
+[auth-oauth-appGHUrl]: https://github.com/octokit/auth-oauth-app.js
+[auth-oauth-appDOCUrl]: https://github.com/octokit/auth-oauth-app.js/blob/master/README.md
+[auth-oauth-appNPMUrl]: https://www.npmjs.com/package/@octokit/auth-oauth-app
+[auth-oauth-appNPMVersionImage]: https://img.shields.io/npm/v/@octokit/auth-oauth-app.svg?style=flat
+
 [githubGHUrl]: https://github.com/octokit/rest.js
 [githubDOCUrl]: https://github.com/octokit/rest.js/blob/master/README.md
 [githubNPMUrl]: https://www.npmjs.com/package/@octokit/rest
diff --git a/libs/githubClient.js b/libs/githubClient.js
index 4db76f605..2a9a34ca3 100644
--- a/libs/githubClient.js
+++ b/libs/githubClient.js
@@ -7,13 +7,15 @@ var isDbg = require('../libs/debug').isDbg;
 var uaOUJS = require('../libs/debug').uaOUJS;
 
 //
-var GitHubApi = require("github");
 var _ = require("underscore");
 var async = require('async');
 var util = require('util');
 var request = require('request');
 var colors = require('ansi-colors');
 
+var GitHubApi = require("github");
+var createOAuthAppAuth = require("@octokit/auth-oauth-app").createOAuthAppAuth;
+
 // Client
 var github = new GitHubApi({
   version: "3.0.0"
@@ -22,23 +24,52 @@ module.exports = github;
 
 // Authenticate Client
 var Strategy = require('../models/strategy').Strategy;
-Strategy.findOne({ name: 'github' }, function (aErr, aStrat) {
+Strategy.findOne({ name: 'github' }, async function (aErr, aStrat) {
+  var auth = null;
+  var appAuthentication = null;
+
   if (aErr)
     console.error(aErr);
 
   if (aStrat) {
+    // This authentication authorization is currently required to authorize this app
+    //   to have the GitHub authentication callback work when the strategy `id` and `key` is found
+    //   and additional usage of the `id` and `key` elsewhere in the Code
+
+    auth = createOAuthAppAuth({
+      clientType: 'oauth-app',
+      clientId: aStrat.id,
+      clientSecret: aStrat.key
+    });
+
+    appAuthentication = await auth({
+      type: "oauth-app"
+    });
+
+    // TODO: Do something with `appAuthentication`
+
+    // DEPRECATED: This method will break on May 5th, 2021. See #1705
+    //  and importing a repo will be severely hindered with possible timeouts/failures
     github.authenticate({
       type: 'oauth',
       key: aStrat.id,
-      secret: aStrat.key,
+      secret: aStrat.key
     });
-    console.log(colors.green('GitHub client authenticated'));
+
+    // TODO: error handler for UnhandledPromiseRejectionWarning if it crops up after deprecation
+
+    if (github.auth) {
+      console.log(colors.green('GitHub client (a.k.a this app) is authenticated'));
+    } else {
+      console.log(colors.yellow('GitHub client (a.k.a this app) is partially authenticated'));
+    }
   } else {
-    console.warn(colors.yellow('GitHub client NOT authenticated. Will have a lower Rate Limit.'));
+    console.warn(colors.red('GitHub client NOT authenticated. Will have a lower Rate Limit.'));
   }
 
 });
 
+
 // Util functions for the client.
 github.usercontent = github.usercontent || {};
 
diff --git a/package.json b/package.json
index 46cf63da7..eebd4a0e0 100644
--- a/package.json
+++ b/package.json
@@ -7,6 +7,7 @@
     "ace-builds": "1.4.12",
     "ansi-colors": "4.1.1",
     "async": "3.2.0",
+    "@octokit/auth-oauth-app": "4.1.2",
     "aws-sdk": "2.879.0",
     "base62": "2.0.1",
     "body-parser": "1.19.0",
diff --git a/routes.js b/routes.js
index 37b1fa3e3..18dd4b04d 100644
--- a/routes.js
+++ b/routes.js
@@ -136,9 +136,11 @@ module.exports = function (aApp) {
   aApp.route('/users/:username/comments').get(listLimiter, user.userCommentListPage);
   aApp.route('/users/:username/scripts').get(listLimiter, user.userScriptListPage);
   aApp.route('/users/:username/syncs').get(listLimiter, user.userSyncListPage);
+
   aApp.route('/users/:username/github/repos').get(authentication.validateUser, user.userGitHubRepoListPage);
   aApp.route('/users/:username/github/repo').get(authentication.validateUser, user.userGitHubRepoPage);
   aApp.route('/users/:username/github/import').post(authentication.validateUser, user.userGitHubImportScriptPage);
+
   aApp.route('/users/:username/profile/edit').get(authentication.validateUser, user.userEditProfilePage).post(authentication.validateUser, user.update);
   aApp.route('/users/:username/update').post(authentication.validateUser, admin.adminUserUpdate);
   // NOTE: Some below inconsistent with priors