GitHub Token Authentication (go-gl#108)

* use token auth during download * update readme with token info * remove unnecessary escape Co-authored-by: Matt Lynam <[email protected]>
eliasnaur · Jul 1, 2020 · 1d156fa · 1d156fa
1 parent 76a5465
commit 1d156fa
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 21 deletions.
diff --git a/README.md b/README.md
@@ -1,32 +1,28 @@
-Glow
-====
+# Glow
 
 Glow is an OpenGL binding generator for Go. Glow parses the [OpenGL XML API registry](https://github.com/KhronosGroup/OpenGL-Registry/tree/master/xml) and the [EGL XML API registry](https://github.com/KhronosGroup/EGL-Registry/tree/master/api) to produce a machine-generated cgo bridge between Go functions and native OpenGL functions. Glow is a fork of [GoGL2](https://github.com/chsc/gogl2).
 
 Features:
+
 - Go functions that mirror the C specification using Go types.
 - Support for multiple OpenGL APIs (GL/GLES/EGL/WGL/GLX/EGL), versions, and profiles.
 - Support for extensions (including debug callbacks).
 - Support for overloads to provide Go functions with different parameter signatures.
 
 See the [open issues](https://github.com/go-gl/glow/issues) for caveats about the current state of the implementation.
 
-Generated Packages
-------------------
+## Generated Packages
 
 Generated OpenGL binding packages are available in the [go-gl/gl](https://github.com/go-gl/gl) repository.
 
-Overloads
----------
+## Overloads
 
 See subdirectory `xml/overload` for examples. The motivation here is to provide Go functions with different parameter signatures of existing OpenGL functions.
 
 For example, `glVertexAttribPointer(..., void *)` cannot be used with `gl.VertexAttribPointer(..., unsafe.Pointer)` when using arbitrary offset values. The `checkptr` safeguard will abort the program when doing so.
-Overloads allow the creation of an additional `gl.VertexAttribPointerWithOffset(..., uintptr)`, which calls the original OpenGL function with appropriate casts.   
-
+Overloads allow the creation of an additional `gl.VertexAttribPointerWithOffset(..., uintptr)`, which calls the original OpenGL function with appropriate casts.
 
-Custom Packages
----------------
+## Custom Packages
 
 If the prebuilt, go-gettable packages are not suitable for your needs you can build your own. For example,
 
@@ -37,9 +33,10 @@ If the prebuilt, go-gettable packages are not suitable for your needs you can bu
     ./glow generate -api=gl -version=3.3 -profile=core -remext=GL_ARB_cl_event
     go install ./gl-core/3.3/gl
 
-**NOTE:** You will have to provide your GitHub account credentials to update the XML specification files.
+**NOTE:** You will have to provide a GitHub token ([personal access or OAuth2 token](https://developer.github.com/v3/auth/#basic-authentication)) to update the XML specification files.
 
 A few notes about the flags to `generate`:
+
 - `api`: One of `gl`, `gles1`, `gles2`, `egl`, `wgl`, or `glx`.
 - `version`: The API version to generate. The `all` pseudo-version includes all functions and enumerations for the specified API.
 - `profile`: For `gl` packages with version 3.2 or higher, `core` or `compatibility` ([explanation](http://www.opengl.org/wiki/Core_And_Compatibility_in_Contexts)).

diff --git a/download.go b/download.go
@@ -13,7 +13,6 @@ import (
 	"os"
 	"path/filepath"
 	"regexp"
-	"strings"
 	"sync"
 )
 
@@ -65,14 +64,14 @@ var docRepoFolders = []string{
 }
 var docRegexp = regexp.MustCompile(`^[ew]?gl[^u_].*\.xml$`)
 
-func validatedAuthHeader(username string, password string) (string, error) {
+func validatedAuthHeader(token string) (string, error) {
 	client := &http.Client{}
 	req, err := http.NewRequest("GET", "https://api.github.com/user", nil)
 	if err != nil {
 		return "", err
 	}
 
-	autStr := fmt.Sprintf("Basic %s", base64.StdEncoding.EncodeToString([]byte(fmt.Sprintf("%s:%s", username, password))))
+	autStr := fmt.Sprintf("token %s", token)
 	req.Header.Add("Authorization", autStr)
 	resp, err := client.Do(req)
 	if err != nil {
@@ -82,7 +81,8 @@ func validatedAuthHeader(username string, password string) (string, error) {
 	defer resp.Body.Close()
 
 	if resp.StatusCode != 200 {
-		return "", errors.New("GitHub authorization failed")
+		data, _ := ioutil.ReadAll(resp.Body)
+		return "", errors.New(string(data))
 	}
 
 	return autStr, nil
@@ -104,14 +104,12 @@ func download(name string, args []string) {
 	}
 
 	reader := bufio.NewReader(os.Stdin)
-	fmt.Print("Enter GitHub username: ")
+	fmt.Print("Enter GitHub token: ")
 	input, _ := reader.ReadString('\n')
-	username := strings.Trim(input, "\n")
-	fmt.Print("Enter GitHub password: ")
-	input, _ = reader.ReadString('\n')
-	password := strings.Trim(input, "\n")
+	re := regexp.MustCompile("\r?\n")
+	token := re.ReplaceAllString(input, "")
 
-	authHeader, err := validatedAuthHeader(username, password)
+	authHeader, err := validatedAuthHeader(token)
 	if err != nil {
 		log.Fatalln("error with user authorization:", err)
 	}