refactor: remove redundant API call (#175)

Combines the two installation requests (org and user) into one because
`/org/{org}` can also be accessed at `/users/{org}`.

---------

Co-authored-by: Gregor Martynus <[email protected]>

Author: parkerbxyz

dist/main.cjs

@@ -560,10 +560,10 @@ var require_proxy = __commonJS({
       })();
       if (proxyVar) {
         try {
-          return new URL(proxyVar);
+          return new DecodedURL(proxyVar);
         } catch (_a) {
           if (!proxyVar.startsWith("http://") && !proxyVar.startsWith("https://"))
-            return new URL(`http://${proxyVar}`);
+            return new DecodedURL(`http://${proxyVar}`);
         }
       } else {
         return void 0;
@@ -606,6 +606,19 @@ var require_proxy = __commonJS({
       const hostLower = host.toLowerCase();
       return hostLower === "localhost" || hostLower.startsWith("127.") || hostLower.startsWith("[::1]") || hostLower.startsWith("[0:0:0:0:0:0:0:1]");
     }
+    var DecodedURL = class extends URL {
+      constructor(url, base) {
+        super(url, base);
+        this._decodedUsername = decodeURIComponent(super.username);
+        this._decodedPassword = decodeURIComponent(super.password);
+      }
+      get username() {
+        return this._decodedUsername;
+      }
+      get password() {
+        return this._decodedPassword;
+      }
+    };
   }
 });
 
@@ -18140,7 +18153,7 @@ var require_lib = __commonJS({
         }
         const usingSsl = parsedUrl.protocol === "https:";
         proxyAgent = new undici_1.ProxyAgent(Object.assign({ uri: proxyUrl2.href, pipelining: !this._keepAlive ? 0 : 1 }, (proxyUrl2.username || proxyUrl2.password) && {
-          token: `${proxyUrl2.username}:${proxyUrl2.password}`
+          token: `Basic ${Buffer.from(`${proxyUrl2.username}:${proxyUrl2.password}`).toString("base64")}`
         }));
         this._proxyAgentDispatcher = proxyAgent;
         if (usingSsl && this._ignoreSslError) {
@@ -36791,11 +36804,11 @@ var RequestError = class extends Error {
   response;
   constructor(message, statusCode, options) {
     super(message);
-    if (Error.captureStackTrace) {
-      Error.captureStackTrace(this, this.constructor);
-    }
     this.name = "HttpError";
-    this.status = statusCode;
+    this.status = Number.parseInt(statusCode);
+    if (Number.isNaN(this.status)) {
+      this.status = 0;
+    }
     if ("response" in options) {
       this.response = options.response;
     }

dist/post.cjs

@@ -26,9 +26,7 @@ export async function main(
 
   // If neither owner nor repositories are set, default to current repository
   if (!owner && repositories.length === 0) {
-    const [owner, repo] = String(
-      process.env.GITHUB_REPOSITORY
-    ).split("/");
+    const [owner, repo] = String(process.env.GITHUB_REPOSITORY).split("/");
     parsedOwner = owner;
     parsedRepositoryNames = [repo];
 
@@ -52,7 +50,9 @@ export async function main(
     parsedRepositoryNames = repositories;
 
     core.info(
-      `owner not set, creating owner for given repositories "${repositories.join(',')}" in current owner ("${parsedOwner}")`
+      `owner not set, creating owner for given repositories "${repositories.join(
+        ","
+      )}" in current owner ("${parsedOwner}")`
     );
   }
 
@@ -62,7 +62,9 @@ export async function main(
     parsedRepositoryNames = repositories;
 
     core.info(
-      `owner and repositories set, creating token for repositories "${repositories.join(',')}" owned by "${owner}"`
+      `owner and repositories set, creating token for repositories "${repositories.join(
+        ","
+      )}" owned by "${owner}"`
     );
   }
 
@@ -76,24 +78,38 @@ export async function main(
   // If at least one repository is set, get installation ID from that repository
 
   if (parsedRepositoryNames.length > 0) {
-    ({ authentication, installationId, appSlug } = await pRetry(() => getTokenFromRepository(request, auth, parsedOwner, parsedRepositoryNames), {
-      onFailedAttempt: (error) => {
-        core.info(
-          `Failed to create token for "${parsedRepositoryNames.join(',')}" (attempt ${error.attemptNumber}): ${error.message}`
-        );
-      },
-      retries: 3,
-    }));
+    ({ authentication, installationId, appSlug } = await pRetry(
+      () =>
+        getTokenFromRepository(
+          request,
+          auth,
+          parsedOwner,
+          parsedRepositoryNames
+        ),
+      {
+        onFailedAttempt: (error) => {
+          core.info(
+            `Failed to create token for "${parsedRepositoryNames.join(
+              ","
+            )}" (attempt ${error.attemptNumber}): ${error.message}`
+          );
+        },
+        retries: 3,
+      }
+    ));
   } else {
     // Otherwise get the installation for the owner, which can either be an organization or a user account
-    ({ authentication, installationId, appSlug } = await pRetry(() => getTokenFromOwner(request, auth, parsedOwner), {
-      onFailedAttempt: (error) => {
-        core.info(
-          `Failed to create token for "${parsedOwner}" (attempt ${error.attemptNumber}): ${error.message}`
-        );
-      },
-      retries: 3,
-    }));
+    ({ authentication, installationId, appSlug } = await pRetry(
+      () => getTokenFromOwner(request, auth, parsedOwner),
+      {
+        onFailedAttempt: (error) => {
+          core.info(
+            `Failed to create token for "${parsedOwner}" (attempt ${error.attemptNumber}): ${error.message}`
+          );
+        },
+        retries: 3,
+      }
+    ));
   }
 
   // Register the token with the runner as a secret to ensure it is masked in logs
@@ -111,23 +127,13 @@ export async function main(
 }
 
 async function getTokenFromOwner(request, auth, parsedOwner) {
-  // https://docs.github.com/en/rest/apps/apps?apiVersion=2022-11-28#get-an-organization-installation-for-the-authenticated-app
-  const response = await request("GET /orgs/{org}/installation", {
-    org: parsedOwner,
+  // https://docs.github.com/rest/apps/apps?apiVersion=2022-11-28#get-a-user-installation-for-the-authenticated-app
+  // This endpoint works for both users and organizations
+  const response = await request("GET /users/{username}/installation", {
+    username: parsedOwner,
     request: {
       hook: auth.hook,
     },
-  }).catch((error) => {
-    /* c8 ignore next */
-    if (error.status !== 404) throw error;
-
-    // https://docs.github.com/rest/apps/apps?apiVersion=2022-11-28#get-a-user-installation-for-the-authenticated-app
-    return request("GET /users/{username}/installation", {
-      username: parsedOwner,
-      request: {
-        hook: auth.hook,
-      },
-    });
   });
 
   // Get token for for all repositories of the given installation
@@ -137,12 +143,17 @@ async function getTokenFromOwner(request, auth, parsedOwner) {
   });
 
   const installationId = response.data.id;
-  const appSlug = response.data['app_slug'];
+  const appSlug = response.data["app_slug"];
 
   return { authentication, installationId, appSlug };
 }
 
-async function getTokenFromRepository(request, auth, parsedOwner, parsedRepositoryNames) {
+async function getTokenFromRepository(
+  request,
+  auth,
+  parsedOwner,
+  parsedRepositoryNames
+) {
   // https://docs.github.com/rest/apps/apps?apiVersion=2022-11-28#get-a-repository-installation-for-the-authenticated-app
   const response = await request("GET /repos/{owner}/{repo}/installation", {
     owner: parsedOwner,
@@ -160,7 +171,7 @@ async function getTokenFromRepository(request, auth, parsedOwner, parsedReposito
   });
 
   const installationId = response.data.id;
-  const appSlug = response.data['app_slug'];
+  const appSlug = response.data["app_slug"];
 
   return { authentication, installationId, appSlug };
 }

lib/main.js

@@ -1,6 +1,6 @@
 import { test } from "./main.js";
 
-// Verify `main` successfully obtains a token when the `owner` input is set (to a user), but the `repositories` input isn’t set.
+// Verify retries work when getting a token for a user or organization fails on the first attempt.
 await test((mockPool) => {
   process.env.INPUT_OWNER = "smockle";
   delete process.env.INPUT_REPOSITORIES;
@@ -10,15 +10,15 @@ await test((mockPool) => {
   const mockAppSlug = "github-actions";
   mockPool
     .intercept({
-      path: `/orgs/${process.env.INPUT_OWNER}/installation`,
+      path: `/users/${process.env.INPUT_OWNER}/installation`,
       method: "GET",
       headers: {
         accept: "application/vnd.github.v3+json",
         "user-agent": "actions/create-github-app-token",
         // Intentionally omitting the `authorization` header, since JWT creation is not idempotent.
       },
     })
-    .reply(404);
+    .reply(500, "GitHub API not available");
   mockPool
     .intercept({
       path: `/users/${process.env.INPUT_OWNER}/installation`,
@@ -31,7 +31,7 @@ await test((mockPool) => {
     })
     .reply(
       200,
-      { id: mockInstallationId, "app_slug": mockAppSlug },
+      { id: mockInstallationId, app_slug: mockAppSlug },
       { headers: { "content-type": "application/json" } }
     );
 });

tests/main-token-get-owner-set-to-user-repo-unset.test.js renamed to tests/main-token-get-owner-set-fail-response.test.js

@@ -1,16 +1,16 @@
 import { test } from "./main.js";
 
-// Verify `main` successfully obtains a token when the `owner` input is set (to an org), but the `repositories` input isn’t set.
+// Verify `main` successfully obtains a token when the `owner` input is set, and the `repositories` input isn’t set.
 await test((mockPool) => {
   process.env.INPUT_OWNER = process.env.GITHUB_REPOSITORY_OWNER;
   delete process.env.INPUT_REPOSITORIES;
 
-  // Mock installation id and app slug request
+  // Mock installation ID and app slug request
   const mockInstallationId = "123456";
   const mockAppSlug = "github-actions";
   mockPool
     .intercept({
-      path: `/orgs/${process.env.INPUT_OWNER}/installation`,
+      path: `/users/${process.env.INPUT_OWNER}/installation`,
       method: "GET",
       headers: {
         accept: "application/vnd.github.v3+json",
@@ -20,7 +20,7 @@ await test((mockPool) => {
     })
     .reply(
       200,
-      { id: mockInstallationId, "app_slug": mockAppSlug },
+      { id: mockInstallationId, app_slug: mockAppSlug },
       { headers: { "content-type": "application/json" } }
     );
 });