Rust port of ghtkn (Go) — GitHub token management with OAuth device flow, keyring caching, and config-driven app selection.
cargo add ghtkn
cargo add tokio --features macros,rt-multi-threadCreate a config file at ~/.config/ghtkn/ghtkn.yaml (Linux/macOS) or %APPDATA%\ghtkn\ghtkn.yaml (Windows):
apps:
- name: my-app
client_id: Iv1.xxxxxxxxxxxxxxxxEach app entry requires a name and client_id from a GitHub App. Optionally add git_owner to scope an app to a specific GitHub organization.
use ghtkn::{Client, InputGet};
#[tokio::main]
async fn main() {
let client = Client::new();
let input = InputGet::default();
match client.get(&input).await {
Ok((token, app)) => {
println!("App: {}", app.name);
println!("User: {}", token.login);
println!(
"Token: {}...",
&token.access_token[..token.access_token.len().min(8)]
);
println!("Expires: {}", token.expiration_date);
}
Err(e) => eprintln!("Error: {e}"),
}
}- OAuth device flow — authenticate via browser using the device authorization grant (RFC 8628)
- Keyring caching — tokens are stored in the system keyring (macOS Keychain, Windows Credential Manager, Linux Secret Service) and reused across sessions
- Multi-app config — define multiple GitHub Apps in
ghtkn.yamland select by name orgit_owner - Silent token retrieval —
token_or_none()returns a cached token without prompting, useful for CLI tools that want optional authentication
Full API docs are available on docs.rs.
See CONTRIBUTING.md for development setup, commands, and release workflow.
MIT