Some "GHAppInstallation" methods need an installation token, not a JWT token

I can explain the oddity on lines 84-87, since I originally wrote them.

https://github.com/hub4j/github-api/blob/7c8a7ff26ebfb31aed3bfdd8f0825ea56142ba4e/src/test/java/org/kohsuke/github/AbstractGHAppInstallationTest.java#L71-L87

The GitHub client constructed on line 71 is using the JWT token. Which is appropriate for e.g. retrieving a list of installations for the app and other high-level information about the App.

The tests in GHAppInstallationTest.java are using API methods that need a client authenticated as an “Installation”, not an “App” though. I.e. a GitHub client needs to be constructed with the “installation token”, which is separate and is retrieved using the “JWT token”.

Details from the documentation:

• Authenticating as a GitHub App
• Authenticating as an installation

So the commented out code did exactly that - used the client with the “JWT token” to create an “installation token” and inserted it back on the GHAppInstallation object, so further API calls would correctly use the “installation token”.

I am pretty sure the live tests will fail now with that code commented out.

And I remember not finding a really nice way (without using setRoot()) of exchanging those tokens on the GHAppInstallation object, so it is probably an improvement opportunity.