I have a JavaScript file that needs to use the GitHub API to get the contents of a file stored in a repository.
I am using GitHub.js to access the API, and it shows the following method for authentication:
// basic auth
var gh = new GitHub({
username: 'FOO',
password: 'NotFoo'
/* also acceptable:
token: 'MY_OAUTH_TOKEN'
*/
});
This code will be viewable inside the repository, as well as in the developer settings in the browser. GitHub does not allow you to commit a file that contains an OAuth token, and publicly displaying the username and password for my account is obviously a non-option as well.
Is there any other way to do authentication? I tried using the client-id and client-secret but it doesn't seem to take those as valid credentials.
