Deprecated
EzyOauth2 has now been superseded by Goa, so this document is for legacy information. For more information see OAuth2 for Apps Script in a few lines of code. If you are using EzyOauth2, it’s easy to migrate. If you are starting up, consider using Goa instead – it’s easier and has more features.
In Oauth2 step by step – apps script authentication for the Drive JSON API I posted a tutorial on using EzyOauth2 – taking some pain out of Apps Script API authentication.
Now here’s the same thing for the GitHub API, which also uses Oauth2.
Since there’s a good chance you’ll be creating an app that will not be running as a webapp, you’ll need to be able to refresh tokens automatically and work offline. The EzyOauth library takes care of all that but it needs an initial set up and some local code you may want to customize.
This will take you through each step from a completely new project, including all the stuff you have to do in the cloud console.

Step 1

Include the library – you’ll get its details by clicking below (it uses the public library list.)

Step 2.

Copy the code below into a new module to your project – it doesn’t need any customization, unless you want to change the property store that it uses to store your authentication information. I didn’t put this in a library as I prefer to leave Properties manipulation in the hands of the script owner but feel free to create your own from this.

Step 3

Now you need to register your app in GitHub. Don’t worry about the callback for now – we’ll change that later.
Get your credentials

Step 4.

Now create this function, set your own client ID and client secret, and run it.  I’ll refer to this credential package from now on as ‘gasgit’, but you can call it what you like with the packageName property.
Don’t change any of the other stuff.  A good idea might be to make it match whatever you called your app in the GitHub console. You only need to run this once. It will write these details to your chosen property store, and you can delete this function.

Step 5.

Even if you may be using this not as a webapp, you still need to do that once in order to allow the cloud console to recognize it and provoke an authorization dialogue. So copy this code into a new module. You don’t need to change it unless you’ve changed the package name.

Run doGet() to get permission for the things it will need to do as a webapp, then save a version, and publish as a web app and run. You’ll get the dialog from your construct screen function

Before clicking to authenticate, copy the published URI and head back to the github application console and replace the callback URI with the published URI (but replace /exec by /usercallback). I noticed that sometimes changing the redirect URI also changes the credentials. If it does, then repeat step 4 with updated credentials.

Now you can go ahead and complete the authentication dialog. You’ll get something that looks like this, which may be followed by a github password request.

Step 6

You can now get an access token anytime you want using getAccessToken(“gasgit”).
For help and more information join our community,  follow the blog or follow me on Twitter.