jwodder
commented
9 months ago @yarikoptic I think I've figured out the problem. Downloading a workflow artifact from GitHub involves making a request to an archive_download_url at api.github.com, for which you have to provide an "Authorization" header, and the server responds with a redirect. Previously, the redirect was to a URL under actions.githubusercontent.com, but (due to the update to actions/upload-artifact@v4?) recent artifacts are served from blob.core.windows.net. If you're using an HTTP client that follows redirects and sends the same headers across cross-origin redirects (like urllib, unlike any decent HTTP client), this will result in an "Authorization" header for GitHub being sent to windows.net, which causes it to reject the request due to the header not meeting its standards, despite the fact that requests to windows.net without "Authorization" headers succeed.
@yarikoptic Do you recall what GitHub token we used as the secret for testing in this repository? GitHub API requests made by the tests suddenly started failing with "Authentication information is not given in the correct format.", and my best guess is that we used an old-format token, though I can't seem to find whether or when those would stop being supported.
EDIT: It looks like the token is associated with my account. I'm going to try regenerating it and seeing if that helps.