[BUG]: 401. Message: Must authenticate to access this API. (GitHub Enterprise) #2709

hegdeashwin · 2024-07-08T09:22:42Z

What happened?

GItHub Octokit throws 401 error with GitHub App. Here is the code looks like

import dotenv from 'dotenv'
import fs from 'fs'
import http from 'http'
import { Octokit, App } from 'octokit'
import { createNodeMiddleware } from '@octokit/webhooks'
import { createAppAuth } from "@octokit/auth-app";

// Load environment variables from .env file
dotenv.config()

// Set configured values
const { APP_ID, ENTERPRISE_HOSTNAME, GITHUB_TOKEN, PRIVATE_KEY_PATH, WEBHOOK_SECRET, CLIENT_ID, CLIENT_SECRET } = process.env

const PRIVATE_KEY = fs.readFileSync(PRIVATE_KEY_PATH, 'utf8')

// Create an authenticated Octokit client authenticated as a GitHub App
const app = new App({
  appId: APP_ID,
  privateKey: PRIVATE_KEY,
  webhooks: {
    secret: WEBHOOK_SECRET
  },
  ...(ENTERPRISE_HOSTNAME && {
    Octokit: Octokit.defaults({
      auth: GITHUB_TOKEN,
      baseUrl: `https://${ENTERPRISE_HOSTNAME}/api/v3`
    })
  })
})

app.webhooks.on('pull_request.opened', async ({ octokit, payload }) => {
  try {
    await octokit.rest.pulls.createReviewComment({
      owner: payload.repository.owner.login,
      repo: payload.repository.name,
      issue_number: payload.pull_request.number,
      body: "Add new code review comment"
    })
  } catch (error) {
    if (error.response) {
      console.error(`Error! Status 3: ${error.response.status}. Message: ${error.response.data.message}`)
    } else {
      console.error(error)
    }
  }

  try {
    const response = await octokit.rest.pulls.listFiles({
      owner: payload.repository.owner.login,
      repo: payload.repository.name,
      issue_number: payload.pull_request.number
    })
    console.log('Response: ', JSON.stringify(response))
  } catch (error) {
    if (error.response) {
      console.error(`Error! Status 4: ${error.response.status}. Message: ${error.response.data.message}`)
    } else {
      console.error(error)
    }
  }

  try {
    await octokit.rest.pulls.requestReviewers({
      owner: payload.repository.owner.login,
      repo: payload.repository.name,
      issue_number: payload.pull_request.number,
      reviewers: ["user1"]
    })
  } catch (error) {
    if (error.response) {
      console.error(`Error! Status 5: ${error.response.status}. Message: ${error.response.data.message}`)
    } else {
      console.error(error)
    }
  }
})

app.webhooks.onError((error) => {
  if (error.name === 'AggregateError') {
    console.log(`Error processing request: ${error.event}`)
  } else {
    console.log(error)
  }
})

// Launch a web server to listen for GitHub webhooks
const port = process.env.PORT || 3004
const path = '/api/webhook'
const localWebhookUrl = `http://localhost:${port}${path}`

// See https://github.com/octokit/webhooks.js/#createnodemiddleware for all options
const middleware = createNodeMiddleware(app.webhooks, { path })

http.createServer(middleware).listen(port, () => {
  console.log(`Server is listening for events at: ${localWebhookUrl}`)
  console.log('Press Ctrl + C to quit.')
})

Note -

All the values for APP_ID, ENTERPRISE_HOSTNAME, GITHUB_TOKEN, PRIVATE_KEY_PATH, WEBHOOK_SECRET seems to be correct and verified.

Versions

Node v18, Octokit v4.0.2

Relevant log output

Error! Status 3: 401. Message: Must authenticate to access this API.
Error! Status 4: 401. Message: Must authenticate to access this API.
Error! Status 5: 401. Message: Must authenticate to access this API.

Without try catch:

AggregateError: 
    HttpError: Unauthorized. "POST /repos/{owner}/{repo}/pulls/{pull_number}/comments" failed most likely due to lack of authentication. Reason: "installation" key missing in webhook event payload
        at file:///Users/user1/Documents/project/mytestapp/node_modules/octokit/node_modules/@octokit/request/dist-bundle/index.js:106:21
        at async requestWithGraphqlErrorHandling (file:///Users/user1/Documents/project/mytestapp/node_modules/octokit/node_modules/@octokit/plugin-retry/dist-bundle/index.js:36:20)
        at async Job.doExecute (/Users/user1/Documents/project/mytestapp/node_modules/bottleneck/light.js:405:18)
    at file:///Users/user1/Documents/project/mytestapp/node_modules/@octokit/webhooks/dist-bundle/index.js:416:19
    at async middleware (file:///Users/user1/Documents/project/mytestapp/node_modules/@octokit/webhooks/dist-bundle/index.js:604:5) {
  event: {
    id: '6fdae3a0-3d0d-11ef-833a-9857aeba7dcd',
    name: 'pull_request',
    payload: {
      action: 'opened',
      number: 62,
      pull_request: [Object],
      repository: [Object],
      enterprise: [Object],
      sender: [Object]
    }
  },
  errors: [
    RequestError [HttpError]: Unauthorized. "POST /repos/{owner}/{repo}/pulls/{pull_number}/comments" failed most likely due to lack of authentication. Reason: "installation" key missing in webhook event payload
        at file:///Users/user1/Documents/project/mytestapp/node_modules/octokit/node_modules/@octokit/request/dist-bundle/index.js:106:21
        at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
        at async requestWithGraphqlErrorHandling (file:///Users/user1/Documents/project/mytestapp/node_modules/octokit/node_modules/@octokit/plugin-retry/dist-bundle/index.js:36:20)
        at async Job.doExecute (/Users/user1/Documents/project/mytestapp/node_modules/bottleneck/light.js:405:18) {
      status: 401,
      request: [Object],
      response: [Object],
      event: [Object]
    }
  ]
}

Code of Conduct

I agree to follow this project's Code of Conduct

The text was updated successfully, but these errors were encountered:

github-actions · 2024-07-08T09:22:55Z

👋 Hi! Thank you for this contribution! Just to let you know, our GitHub SDK team does a round of issue and PR reviews twice a week, every Monday and Friday! We have a process in place for prioritizing and responding to your input. Because you are a part of this community please feel free to comment, add to, or pick up any issues/PRs that are labeled with Status: Up for grabs. You & others like you are the reason all of this works! So thank you & happy coding! 🚀

hegdeashwin · 2024-07-08T12:39:38Z

Observations -
octokit.rest.issues.createComment, octokit.rest.issues.setLabels, GET /repos/{owner}/{repo}/pulls/{pull_number}/files and POST /repos/{owner}/{repo}/pulls/{pull_number}/requested_reviewers are working fine.

But octokit.rest.pulls.createReviewComment is failing with 401 error

gr2m · 2024-07-10T00:05:16Z

Sorry I thought I responded to your issue

auth: GITHUB_TOKEN,

I think this is the issue, it's not needed and probably overides the authentication of the octokit instance passed to the webhook handlers

hegdeashwin added Status: Triage This is being looked at and prioritized Type: Bug Something isn't working as documented labels Jul 8, 2024

octokitbot added this to 🧰 Octokit Active Jul 8, 2024

github-project-automation bot moved this to 🆕 Triage in 🧰 Octokit Active Jul 8, 2024

kfcampbell moved this from 🆕 Triage to 🔥 Backlog in 🧰 Octokit Active Jul 15, 2024

kfcampbell added Status: Up for grabs Issues that are ready to be worked on by anyone and removed Status: Triage This is being looked at and prioritized labels Jul 15, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[BUG]: 401. Message: Must authenticate to access this API. (GitHub Enterprise) #2709

[BUG]: 401. Message: Must authenticate to access this API. (GitHub Enterprise) #2709

hegdeashwin commented Jul 8, 2024 •

edited

Loading

github-actions bot commented Jul 8, 2024

hegdeashwin commented Jul 8, 2024

gr2m commented Jul 10, 2024

[BUG]: 401. Message: Must authenticate to access this API. (GitHub Enterprise) #2709

[BUG]: 401. Message: Must authenticate to access this API. (GitHub Enterprise) #2709

Comments

hegdeashwin commented Jul 8, 2024 • edited Loading

What happened?

Versions

Relevant log output

Code of Conduct

github-actions bot commented Jul 8, 2024

hegdeashwin commented Jul 8, 2024

gr2m commented Jul 10, 2024

hegdeashwin commented Jul 8, 2024 •

edited

Loading