github.com/google/osv-scalibr@v0.4.1/veles/secrets/github/app_s2s_validator.go

github.com/google/osv-scalibr@v0.4.1/veles/secrets/github/app_s2s_validator.go (about)

     1  // Copyright 2025 Google LLC
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //      http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  package github
    16  
    17  import (
    18  	"net/http"
    19  
    20  	"github.com/google/osv-scalibr/veles/secrets/common/simplevalidate"
    21  )
    22  
    23  // NewAppS2STokenValidator creates a new Validator that validates Github app
    24  // Server to Server token via the Github API endpoint.
    25  func NewAppS2STokenValidator() *simplevalidate.Validator[AppServerToServerToken] {
    26  	return &simplevalidate.Validator[AppServerToServerToken]{
    27  		Endpoint:   githubAPIBaseURL + S2SValidationEndpoint,
    28  		HTTPMethod: http.MethodGet,
    29  		HTTPHeaders: func(k AppServerToServerToken) map[string]string {
    30  			return apiHeaders(k.Token)
    31  		},
    32  		ValidResponseCodes:   []int{http.StatusOK, http.StatusForbidden},
    33  		InvalidResponseCodes: []int{http.StatusUnauthorized},
    34  		HTTPC: &http.Client{
    35  			Timeout: validationTimeout,
    36  		},
    37  	}
    38  }