GitHub App code host identities should be stored as an installation_id/user_id pair
Created by: pjlast
GitHub App installations are identified by an installation_id. This installation_id governs which repositories are accessible by the GitHub App. When a user authorises the App with its own OAuth flow, the user token can be used to fetch which installation_ids this user has access to. By storing a user's GitHub Identity, authed with a GitHub App flow, as a list of installation_id/user_id pairs, we can account for edge cases such as the user not doing SAML authentication during the authentication flow.
Similarly, when doing repo-centric permissions syncing with GitHub App, the user_ids should be stored with the same installation_id/user_id pair.
This means we can always be guaranteed that the user-centric view of permissions and the repo-centric view of permissions will be aligned by these ID pairs.
The changes that are required:
- Figure out exactly how we'll handle this in the DB. Currently the DB stores the GitHub
user_idalongside the access token, which sucks a little. I think one option is to have a "main"user_external_accountentry, that contains the auth token and all that, and then "sub"user_external_accountentries for eachinstallation_id/user_idpair in theaccount_idcolumn. Theirauth_datajust has to point back to the "main" entry, and they can have a "githubAppInstallation"service_typeor something - On user authentication with GitHub App, fetch list of installations user has access to alongside the
user_id. - When doing user-centric permissions syncing with a GitHub App connection, check for new installations the user has access to and update if necessary.