How do I convert the Authorization part of a Github POST request to be used in Roblox?

Help and Feedback Scripting Support
#1

Hello :wave:,
For context, this is the second of two posts for trying to figure out if it’s possible to make a plugin that can upload Roblox place files to GitHub through a plugin. (The first one is here)

As stated above, I’m trying to find a way to provide authentication to use GitHub’s API. Their example uses the curl command, but I’m attempting to use HTTPService:PostAsync. Here’s what it looks like:

curl -i -H "Authorization: token ghp_16C7e42F292c6912E7710c838347Ae178B4a" \
    -d '{ \
        "name": "blog", \
        "auto_init": true, \
        "private": true, \
        "gitignore_template": "nanoc" \
      }' \
    https://api.github.com/user/repos

(To find this code, go here and Ctrl-F for “POST”)
My code looks like this:

--Services
local HTTPService = game:GetService("HttpService")

HTTPService:PostAsync("https://api.github.com/users/CheeseGodRoblox", 
	{
		["Name"] = "blog";
	},nil,nil,
	{
		["Authorization"] = "(authorization token (confidential))"
	}
)

I’m getting HTTP 401 (Unauthorized)
I thought where I put the authorization is in the headers section of the POST, since a quote from what the -H flag does for the curl command does from a linux man page says Extra header to include in the request when sending HTTP to a server.

Where would I put my authentication to correctly use this command?

Also, I’m sort of new to networking stuff like this, so please assume I don’t know what you’re talking about :slight_smile:
Thanks,
Lord of Cheese :cheese:

#2

Did you put an auth code in the top code example there?
If so then it should probably be removed. (Not sure though since idk GitHub POST requests and their auth codes)

Edit from the 1st of November 2023, I no-longer use Roblox for any of my projects/endeavors as I do not wish for my projects to be locked into this centralized ecosystem, Roblox have made horrific decisions in the past and there is nothing stopping moderation or a hacker from permanently nuking my project from orbit.

Examples: Project A is on Roblox, Account is hacked, Project is deleted.

Project B is standalone and hosted via a dedicated server on a VPS, Account is hacked, A few misuses of permissions and account is disabled temporarily via the server itself but the project is perfectly fine aside from minor damage caused by misused account permissions.

Think before using platforms like this, Their blessings can also be curses.

#3

No, it was in the documentation like that, that’s not my information

#4

Ah right, just wanted to make sure that no API keys were leaked or anything.

1 Like
#5

Bump, maybe somebody can figure it out now :thinking: