Tags: javascript, node.js, express, octokit-js

NodeJS logging into Github with Octokit returns bad credentials


I am working on a project that is using Octokit to return data from the GitHub API. It is returning a 401 Bad Credentials and I am unsure of how to debug the problem.

In the documentation it says to separate the private key lines with '\n' and paste it all in the same line in the code. Because I don't want to store the private key in the code I am loading in the key from a separate .pem file using fs.readFileSync(githubCert).toString(). Is this the correct way to load the private key?

I have tried recreating my .pem file, including it in the code in the way described by the documentation (also explained above), and using 'token' instead of 'bearer' (I know this shouldn't work but it was worth a shot).

My questions are: is this the correct way of doing it? And what would be the proper process for debugging this kind of error?

Here's my code:

I am creating an Octokit app and getting the JWT token using:

    const app = new App({
        id: process.env.GITHUB_APP_ID,
        privateKey: fs.readFileSync(githubCert).toString(),
    })
    const jwt = app.getSignedJsonWebToken()

And to request the user from GitHub I use:

    export async function getUser(username) {
        return await request('GET /users/:username', {
            username: username,
            headers: {
                authorization: `Bearer ${jwt}`,
                accept: 'application/vnd.github.machine-man-preview+json',
            },
        })
    }

And the response from the server is:

{ HttpError: Bad credentials
    at response.text.then.message ([PATH TO FOLDER]/embeddable-github-cards/node_modules/@octokit/request/dist-node/index.js:66:23)
    at process._tickCallback (internal/process/next_tick.js:68:7)
  name: 'HttpError',
  status: 401,
  headers:
   { 'access-control-allow-origin': '*',
     'access-control-expose-headers':
      'ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type',
     connection: 'close',
     'content-length': '83',
     'content-security-policy': 'default-src \'none\'',
     'content-type': 'application/json; charset=utf-8',
     date: 'Fri, 24 Jan 2020 21:34:39 GMT',
     'referrer-policy': 'origin-when-cross-origin, strict-origin-when-cross-origin',
     server: 'GitHub.com',
     status: '401 Unauthorized',
     'strict-transport-security': 'max-age=31536000; includeSubdomains; preload',
     'x-content-type-options': 'nosniff',
     'x-frame-options': 'deny',
     'x-github-media-type': 'github.machine-man-preview; format=json',
     'x-github-request-id': 'CDBD:5718:1C15F98:32D0E0F:5E2B62EC',
     'x-ratelimit-limit': '60',
     'x-ratelimit-remaining': '57',
     'x-ratelimit-reset': '1579905160',
     'x-xss-protection': '1; mode=block' },
  request:
   { method: 'GET',
     url: 'https://api.github.com/users/defunkt',
     headers:
      { accept: 'application/vnd.github.machine-man-preview+json',
        'user-agent':
         'octokit-request.js/5.3.1 Node.js/10.16.3 (macOS Mojave; x64)',
        authorization: 'Bearer [REDACTED]' } },
  documentation_url: 'https://developer.github.com/v3' }

If you need more code here is a link to the repository: https://github.com/robert-harbison/embed-cards


Solution

  • OK, so I have figured out how to authenticate with the GitHub API. I needed to stop using Octokit app and just use Octokit request with my personal GitHub token. To do this I added my personal token to environment variables and changed the request headers to be as follows:

    export async function getUser(username) {
        return await request('GET /users/:username', {
            username: username,
            headers: {
                Authorization: `token ${process.env.GITHUB_TOKEN}`,
                Accept: 'application/vnd.github.machine-man-preview+json',
            },
        })
    }
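
For the debugging question above, here is an added example (not part of the original question or answer, and not Octokit's own code) that checks a GitHub App JWT locally before it is sent: it confirms the PEM text parses, the claims are in range, and the signature matches the key. The helper names, the app id 12345 and the generated key are constructed for illustration; `signAppJwt` stands in for the library's signing call.

```javascript
const crypto = require('node:crypto')

const b64url = (data) => Buffer.from(data).toString('base64url')
const fromB64url = (text) => JSON.parse(Buffer.from(text, 'base64url').toString('utf8'))

// Constructed sample key for offline runs; a real app reads its own .pem file.
function makeSamplePem() {
    const { privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 })
    return privateKey.export({ type: 'pkcs1', format: 'pem' })
}

// Build an RS256 app JWT (iss = app id, short lifetime) as a stand-in for the library call.
function signAppJwt(appId, pem, nowSec) {
    const head = b64url(JSON.stringify({ alg: 'RS256', typ: 'JWT' }))
    const body = b64url(JSON.stringify({ iat: nowSec - 60, exp: nowSec + 540, iss: appId }))
    const sig = crypto.sign('sha256', Buffer.from(`${head}.${body}`), pem)
    return `${head}.${body}.${b64url(sig)}`
}

// Returns a list of problems; an empty list means the token is locally well-formed.
function diagnoseAppJwt(token, pem, expectedAppId, nowSec) {
    let publicKey
    try {
        publicKey = crypto.createPublicKey(pem) // throws when the PEM text is mangled
    } catch (err) {
        return [`private key does not parse: ${err.message}`]
    }
    const parts = token.split('.')
    if (parts.length !== 3) return ['token is not header.payload.signature']
    const [head, body, sig] = parts
    const header = fromB64url(head)
    const claims = fromB64url(body)
    const problems = []
    if (header.alg !== 'RS256') problems.push(`alg is ${header.alg}, expected RS256`)
    if (String(claims.iss) !== String(expectedAppId)) problems.push('iss does not match the app id')
    if (claims.iat > nowSec) problems.push('iat is in the future (clock drift)')
    if (claims.exp <= nowSec) problems.push('token has expired')
    if (claims.exp - nowSec > 600) problems.push('exp is more than 10 minutes ahead')
    const signed = Buffer.from(`${head}.${body}`)
    if (!crypto.verify('sha256', signed, publicKey, Buffer.from(sig, 'base64url'))) {
        problems.push('signature does not verify against this key')
    }
    return problems
}

const samplePem = makeSamplePem()
const sampleNow = Math.floor(Date.now() / 1000)
console.log(diagnoseAppJwt(signAppJwt('12345', samplePem, sampleNow), samplePem, '12345', sampleNow))
```

These checks are local only. GitHub's documentation describes the app JWT as the credential for app-level endpoints such as `GET /app` and for requesting installation access tokens, so a token that passes here can still be rejected elsewhere.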