ghtoken 0.1.2

Installation

ghtoken requires Python 3.8 or higher. Just use pip for Python 3 (You have pip, right?) to install it:

python3 -m pip install ghtoken

API

Note: When retrieving GitHub access tokens, no validation of the token format is performed other than rejecting empty strings.

ghtoken.get_ghtoken(
    *,
    dotenv: bool | str | os.PathLike[str] = True,
    environ: bool = True,
    gh: bool = True,
    hub: bool = True,
    hub_oauthtoken: bool = True,
) -> str

Retrieve a locally-stored GitHub access token by checking various sources (listed below) and returning the first token found. Individual sources can be disabled by setting the corresponding keyword argument to False.

The sources are as follows, listed in the order in which they are consulted:

dotenv

Look for a .env file by searching from the current directory upwards and reading the first file found. Alternatively, a specific file may be read by setting the dotenv keyword argument to the path to the file. If the file (whether found by searching or explicitly specified) cannot be read or parsed, control proceeds to the next enabled source.

If the file contains a GH_TOKEN=... or GITHUB_TOKEN=... assignment with a non-empty value, that value is returned; otherwise, control proceeds to the next enabled source. If assignments for both keys are present, GH_TOKEN takes precedence over GITHUB_TOKEN.

Reading values from a .env file will not modify the process’s environment variables.

environ

If the environment variable GH_TOKEN or GITHUB_TOKEN is set to a nonempty string, that variable’s value is returned; otherwise, control proceeds to the next enabled source. If both environment variables are set, GH_TOKEN takes precedence over GITHUB_TOKEN.

gh

Retrieve a GitHub access token stored by the gh command by running gh auth token --hostname github.com. If the command fails or outputs an empty line, control proceeds to the next enabled source.

Note that, if gh has stored its access token in a system keyring, the user may be prompted to unlock the keyring.

Note that, if the GH_TOKEN or GITHUB_TOKEN environment variable is set to a nonempty string, gh will return the value of the envvar rather than returning whatever access token may already be stored, and this happens even if the environ argument to get_ghtoken() is False.

hub

Retrieve a GitHub access token from the hub configuration file. If the configuration file does not exist or is malformed, or if the file does not contain a nonempty token for the github.com domain, control proceeds to the next enabled source.

hub_oauthtoken

Retrieve a GitHub access token from the Git config key hub.oauthtoken, used by the git-hub program. If the key is set to the empty string, or if the Git config key hub.baseurl is set to a value other than https://api.github.com, control proceeds to the next enabled source.

Git config values are retrieved by running git config --get .... If such a command fails, control proceeds to the next enabled source.

If the hub.oauthtoken value starts with !, the rest of the value is executed as a shell command, and the command’s standard output (with leading & trailing whitespace stripped) is returned.

If no enabled source returns a token, then a ghtoken.GHTokenNotFound exception is raised.

ghtoken.ghtoken_from_dotenv(path: str | os.PathLike[str] | None = None) -> str

Retrieve a GitHub access token from an .env file as described above. A path to a specific file may be supplied. If no token is found, a ghtoken.GHTokenNotFound exception is raised.

ghtoken.ghtoken_from_environ() -> str

Retrieve a GitHub access token from environment variables as described above. If no token is found, a ghtoken.GHTokenNotFound exception is raised.

ghtoken.ghtoken_from_gh() -> str

Retrieve a GitHub access token from the gh command as described above. If no token is found, a ghtoken.GHTokenNotFound exception is raised.

ghtoken.ghtoken_from_hub() -> str

Retrieve a GitHub access token from the hub configuration file as described above. If no token is found, a ghtoken.GHTokenNotFound exception is raised.

ghtoken.ghtoken_from_hub_oauthtoken() -> str

Retrieve a GitHub access token from the hub.oauthtoken Git config option as described above. If no token is found, a ghtoken.GHTokenNotFound exception is raised.

Command

ghtoken also provides a command of the same name for looking up a GitHub token from the command line:

ghtoken [<options>]

ghtoken retrieves the local user’s GitHub access token from local storage and prints it. If no token can be found, a message is printed to standard error, and the command exits with a nonzero status.