3

I use @octokit/rest to access github and try to authenticate with the authenticate() function.

const credentials = { type: 'oauth', key: process.env.GITHUB_ID, secret: process.env.GITHUB_SECRET }
octokit.authenticate(credentials)

I've got the credentials from the settings page of my github app (OAuth credentials, at the bottom of the page) and I've checked that they are set correctly in the environment of the process.

https://www.npmjs.com/package/@octokit/rest#authentication says, that authenticate is synchronuous because it only sets the credentials for the following requests, so I don't use await here.

This seem to work, at least, it doesn't throw any errors.

My code to create the check run:

octokit.checks.create({...})

But when running this code, I get the error

{ HttpError: {"message":"You must authenticate via a GitHub App.","documentation_url":"https://developer.github.com/v3/checks/runs/#create-a-check-run "}
  at response.text.then.message (/usr/app/node_modules/@octokit/rest/lib/request/request.js:72:19)
  at process._tickCallback (internal/process/next_tick.js:68:7)

-- If I instead generate a JWT token and authenticate like this: const credentials = { type: 'oauth', token: process.env.GITHUB_TOKEN }

with the JWT like eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE1MzUxMTEwNzcsImV4cCI6MTUzNTExMTY3NywiaXNzIjoiSXYxLjAwNjhkZjdkYzRmNjNkMGIifQ.KHb1V3Fh6WKLAlcZkQPntVehvl1frp3rdBT9-lOTJRzAx8JxGyxpEUnOdwbNU3gmx_G1Fu3E3QEbcCWs0L743HkJ4B53JQpni1cQ1YZ25e0HH3OO6HW4WycaYbgGPcZRZCDe0vocwaxKjHq16uG7jsfVLC4lR94GVxJQhu-w9WX9BVxE3x_yqKdMhFYhKvez8oBpAXRZFQbKtw2rb8TXHV3-PKXTRCfO_fR_Omr7J3Mw26yHdnoRK1pA7BS5O1P0UAFmWshLted2UbE0S8SU0ZoUnZE0QA3wW-o4Q4-6oEGCK9UWLnnHAfn11Ow7rKulSUyCvZgKV8niGSL7R97nWg

I get the following response:

{"message":"Bad credentials","documentation_url":"https://developer.github.com/v3"}

JSchirrmacher
  • 3,243
  • 2
  • 19
  • 27

1 Answers1

4

Before using octokit.checks.create(), you need to generate an "installation token" which you can do by passing your JWT to this endpoint: https://api.github.com/app/installations/:installation_id/access_tokens

octokit/rest.js has a function which you can use to do that: http://octokit.github.io/rest.js/#api-Apps-createInstallationToken

Learn more about authenticating with GitHub Apps

You may also be interested in Probot, which is a JavaScript framework that simplifies GitHub App authentication a lot, and should be especially useful for interacting with the Checks API!

Hope this helps :)

Wilhelm Klopp
  • 5,030
  • 2
  • 29
  • 37
  • Thanks a lot! The Probot package has the problem, that there seems to be no possibility to use a corporate proxy, so I decided to use octokit. And it's in fact easy, if you know that you need the JWT to authenticate to get the installation token. I use `octokit.authenticate({ type: 'token', token: installation.data.token })` and this works perfectly. – JSchirrmacher Aug 27 '18 at 09:09