0

I'm using GithubAuthProvider with the added scope repo to get the user's access token which is later used to access the GitHub GraphQL API (the GitHub App has the permissions for Contents and Metadata set to Read-only).

The problem is when I'm trying to list private repos. The API returns an empty array as if I don't have the required permissions. Moreover, when I try to list branches of a user's repo it returns an error of type FORBIDDEN.

Query:

query {
    viewer { 
    repository(name: "some-repo") {
      refs(refPrefix: "refs/heads/", first: 10) {
        nodes {
          name
        }
      }
    }
  }
}

Response:

{
    "data": {
        "viewer": {
            "repository": {
                "refs": null
            }
        }
    },
    "errors": [
        {
            "type": "FORBIDDEN",
            "path": [
                "viewer",
                "repository",
                "refs"
            ],
            "extensions": {
                "saml_failure": false
            },
            "locations": [
                {
                    "line": 7,
                    "column": 7
                }
            ],
            "message": "Resource not accessible by integration"
        }
    ]
}

What am I missing?

Žan Ožbot
  • 215
  • 2
  • 7

2 Answers2

0

For GitHub GraphQL API, only scope repo may not be enough.

Following are scopes requested for reference. Authenticating with GraphQL

user
public_repo
repo
repo_deployment
repo:status
read:repo_hook
read:org
read:public_key
read:gpg_key

The API returns an empty array as if I don't have the required permissions.
I wonder whether you are query under the viewer. viewer can get the private repos he/she owned. For repos owned by other people, you can try

repository(name: "repo-name", owner: "login") {
  name
}

It will return NOT_FOUND error if you don't have the required permissions.

Your query works fine for me :)

Y4nhu1
  • 116
  • 11
0

It turns out I read through the Firebase instructions too fast and created a Github App instead of an OAuth App.

It's now working as it should.

Žan Ožbot
  • 215
  • 2
  • 7