From 5824f4176e12c7bca77877ede90ba683b0b3c425 Mon Sep 17 00:00:00 2001
From: Paul Joey Clark <joeytwiddle@gmail.com>
Date: Sun, 9 Aug 2020 14:31:01 +0800
Subject: [PATCH] Use Basic auth for GitHub (#1705)

---
 libs/repoManager.js | 22 +++++++++++++++++++---
 1 file changed, 19 insertions(+), 3 deletions(-)

diff --git a/libs/repoManager.js b/libs/repoManager.js
index 2b9d0df3c..74d820d69 100644
--- a/libs/repoManager.js
+++ b/libs/repoManager.js
@@ -28,7 +28,7 @@ Strategy.findOne({ name: 'github' }, function (aErr, aStrat) {
 });
 
 // Requests a GitHub url and returns the chunks as buffers
-function fetchRaw(aHost, aPath, aCallback) {
+function fetchRaw(aHost, aPath, aCallback, aOptions) {
   var options = {
     hostname: aHost,
     port: 443,
@@ -39,6 +39,14 @@ function fetchRaw(aHost, aPath, aCallback) {
     }
   };
 
+  if (aOptions) {
+    // Ideally do a deep merge of aOptions -> options
+    // But for now, we just need the headers
+    if (aOptions.headers) {
+      Object.assign(options.headers, aOptions.headers);
+    }
+  }
+
   var req = https.request(options,
     function (aRes) {
 
@@ -66,10 +74,18 @@ function fetchRaw(aHost, aPath, aCallback) {
 // Use for call the GitHub JSON api
 // Returns the JSON parsed object
 function fetchJSON(aPath, aCallback) {
-  aPath += '?client_id=' + clientId + '&client_secret=' + clientKey;
+  // The old authentication method, which GitHub deprecated
+  //aPath += '?client_id=' + clientId + '&client_secret=' + clientKey;
+  // We must now use OAuth Basic (user+key) or Bearer (token)
+  var encodedAuth = Buffer.from(`${clientId}:${clientKey}`).toString('base64');
+  var opts = {
+    headers: {
+      Authorization: `Basic ${encodedAuth}`
+    }
+  };
   fetchRaw('api.github.com', aPath, function (aBufs) {
     aCallback(JSON.parse(Buffer.concat(aBufs).toString()));
-  });
+  }, opts);
 }
 
 // This manages actions on the repos of a user