Reputation: 3364
Authentication of a Github App with @octokit
I use @octokit/rest to access github and try to authenticate with the authenticate() function.
const credentials = { type: 'oauth', key: process.env.GITHUB_ID, secret: process.env.GITHUB_SECRET }
octokit.authenticate(credentials)
I've got the credentials from the settings page of my github app (OAuth credentials, at the bottom of the page) and I've checked that they are set correctly in the environment of the process.
https://www.npmjs.com/package/@octokit/rest#authentication says, that authenticate is synchronuous because it only sets the credentials for the following requests, so I don't use await here.
This seem to work, at least, it doesn't throw any errors.
My code to create the check run:
octokit.checks.create({...})
But when running this code, I get the error
{ HttpError: {"message":"You must authenticate via a GitHub App.","documentation_url":"https://developer.github.com/v3/checks/runs/#create-a-check-run "}
at response.text.then.message (/usr/app/node_modules/@octokit/rest/lib/request/request.js:72:19)
at process._tickCallback (internal/process/next_tick.js:68:7)
-- If I instead generate a JWT token and authenticate like this: const credentials = { type: 'oauth', token: process.env.GITHUB_TOKEN }
with the JWT like
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE1MzUxMTEwNzcsImV4cCI6MTUzNTExMTY3NywiaXNzIjoiSXYxLjAwNjhkZjdkYzRmNjNkMGIifQ.KHb1V3Fh6WKLAlcZkQPntVehvl1frp3rdBT9-lOTJRzAx8JxGyxpEUnOdwbNU3gmx_G1Fu3E3QEbcCWs0L743HkJ4B53JQpni1cQ1YZ25e0HH3OO6HW4WycaYbgGPcZRZCDe0vocwaxKjHq16uG7jsfVLC4lR94GVxJQhu-w9WX9BVxE3x_yqKdMhFYhKvez8oBpAXRZFQbKtw2rb8TXHV3-PKXTRCfO_fR_Omr7J3Mw26yHdnoRK1pA7BS5O1P0UAFmWshLted2UbE0S8SU0ZoUnZE0QA3wW-o4Q4-6oEGCK9UWLnnHAfn11Ow7rKulSUyCvZgKV8niGSL7R97nWg
I get the following response:
{"message":"Bad credentials","documentation_url":"https://developer.github.com/v3"}
Upvotes: 4
Views: 5633
Answers (1)
Reputation: 5440
Before using octokit.checks.create(), you need to generate an "installation token" which you can do by passing your JWT to this endpoint: https://api.github.com/app/installations/:installation_id/access_tokens
octokit/rest.js has a function which you can use to do that: http://octokit.github.io/rest.js/#api-Apps-createInstallationToken
Learn more about authenticating with GitHub Apps
You may also be interested in Probot, which is a JavaScript framework that simplifies GitHub App authentication a lot, and should be especially useful for interacting with the Checks API!
Hope this helps :)
Upvotes: 5
Related Questions
- Unable to Authenticate as Github App with Octokit/rest
- How do you authenticate a GitHub App in Node.js?
- Authenticate with Octokit.net and push with LibGit2Sharp to GitHub repository
- How to instantiate Octokit for user-as-a-server oAuth?
- Github App authentication not showing login
- Github API returning Error: Unable to get local issuer certificate
- Token passed to createTokenAuth is not a string : octokit, auth-token
- Implement Github Authentication and Authorization in a CLI App
- Github API add user to organization
- Authenticating via Github (using everyauth)