Import changes from cfsghost wrt. GitHub API v3, add option to provide organization base URL, API

.travis.yml

@@ -1,18 +1,17 @@
 language: "node_js"
 node_js:
+  - "9"
+  - "8"
+  - "7"
+  - "6"
   - "5"
   - "4"
-  - "3" # io.js
-  - "2" # io.js
-  - "1" # io.js
-  - "0.12"
-  - "0.10"
-  - "0.8"
-  - "0.6"
 
 
 before_install:
   - "npm install [email protected] -g"
+  - "npm install -g istanbul"
+  - "npm install -g coveralls"
   - "preinstall-compat"
 
 script:

README.md

@@ -5,17 +5,16 @@
 [![Quality](https://img.shields.io/codeclimate/github/jaredhanson/passport-github.svg?label=quality)](https://codeclimate.com/github/jaredhanson/passport-github)
 [![Dependencies](https://img.shields.io/david/jaredhanson/passport-github.svg)](https://david-dm.org/jaredhanson/passport-github)
 
-
 [Passport](http://passportjs.org/) strategy for authenticating with [GitHub](https://github.com/)
-using the OAuth 2.0 API.
+using the OAuth 3.0 API.
 
 This module lets you authenticate using GitHub in your Node.js applications.
 By plugging into Passport, GitHub authentication can be easily and
 unobtrusively integrated into any application or framework that supports
 [Connect](http://www.senchalabs.org/connect/)-style middleware, including
 [Express](http://expressjs.com/).
 
-## Install
+## Installation
 
 ```bash
 $ npm install passport-github
@@ -35,24 +34,21 @@ configure a callback URL which matches the route in your application.
 #### Configure Strategy
 
 The GitHub authentication strategy authenticates users using a GitHub account
-and OAuth 2.0 tokens.  The client ID and secret obtained when creating an
-application are supplied as options when creating the strategy.  The strategy
-also requires a `verify` callback, which receives the access token and optional
-refresh token, as well as `profile` which contains the authenticated user's
-GitHub profile.  The `verify` callback must call `cb` providing a user to
-complete authentication.
+and OAuth 3.0 tokens.  The strategy requires a `verify` callback, which accepts
+these credentials and calls `done` providing a user, as well as `options`
+specifying a client ID, client secret, and callback URL.
 
-```js
+```javascript
 var GitHubStrategy = require('passport-github').Strategy;
 
 passport.use(new GitHubStrategy({
     clientID: GITHUB_CLIENT_ID,
     clientSecret: GITHUB_CLIENT_SECRET,
     callbackURL: "http://127.0.0.1:3000/auth/github/callback"
   },
-  function(accessToken, refreshToken, profile, cb) {
+  function(accessToken, refreshToken, profile, done) {
     User.findOrCreate({ githubId: profile.id }, function (err, user) {
-      return cb(err, user);
+      return done(err, user);
     });
   }
 ));
@@ -96,6 +92,7 @@ expected to have corresponding test cases.  Ensure that the complete test suite
 passes by executing:
 
 ```bash
+$ npm install --only=dev
 $ make test
 ```
 
@@ -109,18 +106,13 @@ $ make test-cov
 $ make view-cov
 ```
 
-## Support
+[![Build Status](https://secure.travis-ci.org/cfsghost/passport-github.png)](http://travis-ci.org/cfsghost/passport-github)
 
-#### Funding
-
-This software is provided to you as open source, free of charge.  The time and
-effort to develop and maintain this project is dedicated by [@jaredhanson](https://github.com/jaredhanson).
-If you (or your employer) benefit from this project, please consider a financial
-contribution.  Your contribution helps continue the efforts that produce this
-and other open source software.
+## Support
 
-Funds are accepted via [PayPal](https://paypal.me/jaredhanson), [Venmo](https://venmo.com/jaredhanson),
-and [other](http://jaredhanson.net/pay) methods.  Any amount is appreciated.
+  - [Jared Hanson](http://github.com/jaredhanson)
+  - [Fred Chien](http://github.com/cfsghost)
+  - [Benjamin Spriggs](https://github.com/benjspriggs)
 
 ## License
 

lib/strategy.js

@@ -5,7 +5,6 @@ var OAuth2Strategy = require('passport-oauth2')
   , InternalOAuthError = require('passport-oauth2').InternalOAuthError
   , APIError = require('./errors/apierror');
 
-
 /**
  * `Strategy` constructor.
  *
@@ -18,10 +17,12 @@ var OAuth2Strategy = require('passport-oauth2')
  * credentials are not valid.  If an exception occured, `err` should be set.
  *
  * Options:
+ *   - `baseURL`       your GitHub organization base url (defaults to 'https://github.com')
+ *   - `apiURL`        your GitHub organization api url (defaults to 'https://api.github.com', usually constructed with `${baseURL}/api/v3`)
  *   - `clientID`      your GitHub application's Client ID
  *   - `clientSecret`  your GitHub application's Client Secret
  *   - `callbackURL`   URL to which GitHub will redirect the user after granting authorization
- *   - `scope`         array of permission scopes to request.  valid scopes include:
+ *   - `scope`         array of permission scopes to request. Valid scopes include:
  *                     'user', 'public_repo', 'repo', 'gist', or none.
  *                     (see http://developer.github.com/v3/oauth/#scopes for more info)
  *   — `userAgent`     All API requests MUST include a valid User Agent string.
@@ -32,7 +33,7 @@ var OAuth2Strategy = require('passport-oauth2')
  *
  *     passport.use(new GitHubStrategy({
  *         clientID: '123-456-789',
- *         clientSecret: 'shhh-its-a-secret'
+ *         clientSecret: 'shhh-its-a-secret',
  *         callbackURL: 'https://www.example.net/auth/github/callback',
  *         userAgent: 'myapp.com'
  *       },
@@ -50,8 +51,12 @@ var OAuth2Strategy = require('passport-oauth2')
  */
 function Strategy(options, verify) {
   options = options || {};
-  options.authorizationURL = options.authorizationURL || 'https://github.com/login/oauth/authorize';
-  options.tokenURL = options.tokenURL || 'https://github.com/login/oauth/access_token';
+
+
+  options.baseURL = options.baseURL || 'https://github.com';
+  options.apiURL = options.apiURL || 'https://api.github.com';
+  options.authorizationURL = options.authorizationURL || `${options.baseURL}/login/oauth/authorize`;
+  options.tokenURL = options.tokenURL || `${options.baseURL}/login/oauth/access_token`;
   options.scopeSeparator = options.scopeSeparator || ',';
   options.customHeaders = options.customHeaders || {};
 
@@ -60,10 +65,11 @@ function Strategy(options, verify) {
   }
 
   OAuth2Strategy.call(this, options, verify);
-  this.name = 'github';
-  this._userProfileURL = options.userProfileURL || 'https://api.github.com/user';
+  this.name = options.name || 'github';
+  this._userProfileURL = options.userProfileURL || `${options.apiURL}/user`;
+  this._userEmailURL = options.userEmailURL || `${options.apiURL}/user/emails`;
   this._oauth2.useAuthorizationHeaderforGET(true);
-  
+
   // NOTE: GitHub returns an HTTP 200 OK on error responses.  As a result, the
   //       underlying `oauth` implementation understandably does not parse the
   //       response as an error.  This code swizzles the implementation to
@@ -87,7 +93,6 @@ function Strategy(options, verify) {
 // Inherit from `OAuth2Strategy`.
 util.inherits(Strategy, OAuth2Strategy);
 
-
 /**
  * Retrieve user profile from GitHub.
  *
@@ -108,26 +113,26 @@ Strategy.prototype.userProfile = function(accessToken, done) {
   var self = this;
   this._oauth2.get(this._userProfileURL, accessToken, function (err, body, res) {
     var json;
-    
+
     if (err) {
       if (err.data) {
         try {
           json = JSON.parse(err.data);
         } catch (_) {}
       }
-      
+
       if (json && json.message) {
         return done(new APIError(json.message));
       }
       return done(new InternalOAuthError('Failed to fetch user profile', err));
     }
-    
+
     try {
       json = JSON.parse(body);
     } catch (ex) {
       return done(new Error('Failed to parse user profile'));
     }
-    
+
     var profile = Profile.parse(json);
     profile.provider  = 'github';
     profile._raw = body;
@@ -141,7 +146,7 @@ Strategy.prototype.userProfile = function(accessToken, done) {
           // information that was obtained.
           return done(null, profile);
         }
-        
+
         var json;
         try {
           json = JSON.parse(body);
@@ -150,15 +155,15 @@ Strategy.prototype.userProfile = function(accessToken, done) {
           // information that was obtained.
           return done(null, profile);
         }
-        
-        
+
+
         if (!json.length) {
           return done(null, profile);
         }
-        
+
         profile.emails = profile.emails || [];
         var publicEmail = profile.emails[0];
-        
+
         (json).forEach(function(email) {
           if (publicEmail && publicEmail.value == email.email) {
             profile.emails[0].primary = email.primary;
@@ -174,8 +179,7 @@ Strategy.prototype.userProfile = function(accessToken, done) {
       done(null, profile);
     }
   });
-}
-
+};
 
 // Expose constructor.
 module.exports = Strategy;