From 40dff6667435ce4fb4edf55862a50590af32e376 Mon Sep 17 00:00:00 2001
From: Andy Wilkinson <andy.wilkinson@broadcom.com>
Date: Thu, 14 Mar 2024 12:59:13 +0000
Subject: [PATCH] Require token-based authentication

Closes gh-104
---
 README.adoc                                   |  7 +++---
 .../github/service/GitHubProperties.java      | 24 +++++--------------
 .../github/service/GitHubService.java         |  9 ++++---
 .../github/service/GitHubServiceTests.java    | 21 ++++++++++++----
 4 files changed, 30 insertions(+), 31 deletions(-)

diff --git a/README.adoc b/README.adoc
index 4c09793..d8da99f 100644
--- a/README.adoc
+++ b/README.adoc
@@ -10,12 +10,11 @@ To generate a markdown changelog that comprise the list of bugs and issues in a
 changelog:
   repository: owner/name
 github:
-  username:
-  password:
+  token:
 ----
 
-NOTE: When generating a changelog for a public repository, the `username` and `password` properties are optional.
-However, specifying them ensures that you don't hit https://developer.github.com/v3/?#rate-limiting[GitHub's rate limit] easily.
+NOTE: When generating a changelog for a public repository, the `token` property is optional.
+However, specifying it ensures that you don't hit https://developer.github.com/v3/?#rate-limiting[GitHub's rate limit] easily.
 
 If you're using GitHub enterprise, the base url can be set using `github.api-url`.
 
diff --git a/src/main/java/io/spring/githubchangeloggenerator/github/service/GitHubProperties.java b/src/main/java/io/spring/githubchangeloggenerator/github/service/GitHubProperties.java
index 5e1b762..03d9c20 100644
--- a/src/main/java/io/spring/githubchangeloggenerator/github/service/GitHubProperties.java
+++ b/src/main/java/io/spring/githubchangeloggenerator/github/service/GitHubProperties.java
@@ -18,7 +18,6 @@
 
 import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.boot.context.properties.bind.DefaultValue;
-import org.springframework.util.StringUtils;
 
 /**
  * GitHub related properties.
@@ -35,32 +34,21 @@ public class GitHubProperties {
 	private final String apiUrl;
 
 	/**
-	 * The username for the GitHub user.
+	 * Token used for authentication.
 	 */
-	private final String username;
+	private final String token;
 
-	/**
-	 * The password for the GitHub user.
-	 */
-	private final String password;
-
-	public GitHubProperties(@DefaultValue("https://api.github.com") String apiUrl, String username, String password,
-			String token) {
+	public GitHubProperties(@DefaultValue("https://api.github.com") String apiUrl, String token) {
 		this.apiUrl = apiUrl;
-		this.username = username;
-		this.password = StringUtils.hasText(token) ? token : password;
+		this.token = token;
 	}
 
 	public String getApiUrl() {
 		return this.apiUrl;
 	}
 
-	public String getUsername() {
-		return this.username;
-	}
-
-	public String getPassword() {
-		return this.password;
+	public String getToken() {
+		return this.token;
 	}
 
 }
diff --git a/src/main/java/io/spring/githubchangeloggenerator/github/service/GitHubService.java b/src/main/java/io/spring/githubchangeloggenerator/github/service/GitHubService.java
index 0b650e0..fd22e12 100644
--- a/src/main/java/io/spring/githubchangeloggenerator/github/service/GitHubService.java
+++ b/src/main/java/io/spring/githubchangeloggenerator/github/service/GitHubService.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2018-2022 the original author or authors.
+ * Copyright 2018-2024 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -55,10 +55,9 @@ public class GitHubService {
 	private final RestTemplate restTemplate;
 
 	public GitHubService(RestTemplateBuilder builder, GitHubProperties properties) {
-		String username = properties.getUsername();
-		String password = properties.getPassword();
-		if (StringUtils.hasLength(username)) {
-			builder = builder.basicAuthentication(username, password);
+		String token = properties.getToken();
+		if (StringUtils.hasLength(token)) {
+			builder = builder.defaultHeader(HttpHeaders.AUTHORIZATION, "Bearer " + token);
 		}
 		builder = builder.rootUri(properties.getApiUrl());
 		this.restTemplate = builder.build();
diff --git a/src/test/java/io/spring/githubchangeloggenerator/github/service/GitHubServiceTests.java b/src/test/java/io/spring/githubchangeloggenerator/github/service/GitHubServiceTests.java
index 294d1fa..e768b9d 100644
--- a/src/test/java/io/spring/githubchangeloggenerator/github/service/GitHubServiceTests.java
+++ b/src/test/java/io/spring/githubchangeloggenerator/github/service/GitHubServiceTests.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2018-2023 the original author or authors.
+ * Copyright 2018-2024 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -21,7 +21,8 @@
 import org.junit.jupiter.api.Test;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.autoconfigure.web.client.RestClientTest;
-import org.springframework.boot.test.mock.mockito.MockBean;
+import org.springframework.boot.test.context.TestConfiguration;
+import org.springframework.context.annotation.Bean;
 import org.springframework.core.io.ClassPathResource;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpMethod;
@@ -35,6 +36,7 @@
 
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
+import static org.springframework.test.web.client.match.MockRestRequestMatchers.header;
 import static org.springframework.test.web.client.match.MockRestRequestMatchers.method;
 import static org.springframework.test.web.client.match.MockRestRequestMatchers.requestTo;
 import static org.springframework.test.web.client.response.MockRestResponseCreators.withStatus;
@@ -46,7 +48,6 @@
  * @author Madhura Bhave
  */
 @RestClientTest(GitHubService.class)
-@MockBean(GitHubProperties.class)
 class GitHubServiceTests {
 
 	private static final String MILESTONES_URL = "/repos/org/repo/milestones?state=all&sort=due_on&direction=desc&per_page=50";
@@ -115,7 +116,9 @@ void getIssuesWhenMultiplePagesOfIssuesPresent() {
 	}
 
 	private ResponseActions expectGet(String expectedUri) {
-		return this.server.expect(requestTo(expectedUri)).andExpect(method(HttpMethod.GET));
+		return this.server.expect(requestTo(expectedUri))
+			.andExpect(method(HttpMethod.GET))
+			.andExpect(header(HttpHeaders.AUTHORIZATION, "Bearer the-bearer-token"));
 	}
 
 	private DefaultResponseCreator withJsonFrom(String path) {
@@ -130,4 +133,14 @@ private ClassPathResource getClassPathResource(String path) {
 		return new ClassPathResource(path, getClass());
 	}
 
+	@TestConfiguration
+	static class GitHubPropertiesConfiguration {
+
+		@Bean
+		GitHubProperties gitHubProperties() {
+			return new GitHubProperties("https://api.github.com", "the-bearer-token");
+		}
+
+	}
+
 }