Authentication is failing when using the API token

[acoppes]

I couldn't get authenticated using my Github token instead user/password, the error:

"Listing downloads failed: Bad credentials (401)"

(stacktrace at the end of the issue)

Tried using the org.eclipse.egit.github.core directly with a small test:

public static void main(String[] args) throws IOException {
    GitHubClient client = new GitHubClient();
    client.setOAuth2Token(MY_PRIVATE_TOKEN);

    RepositoryService service = new RepositoryService(client);

    Repository repository = service.getRepository("gemserk", "animation4j");

    System.out.println("has downloads: " + repository.isHasDownloads());

    DownloadService downloadService = new DownloadService(client);

    List<Download> downloads = downloadService.getDownloads(repository);

    for (Download download : downloads) {
        System.out.println("download: " + download.getName());
    }

}

But failed too, tried changing my Github token and keeps failing. Btw, I own the repository of the example and I already used that API token previously with the maven-github-plugin (https://github.com/kevinpollet/maven-github-plugin).

It worked when using user/pass pair.

Forgive me if I am misunderstanding something about the token.

org.apache.maven.lifecycle.LifecycleExecutionException: Listing downloads failed: Bad credentials (401) at org.apache.maven.lifecycle.DefaultLifecycleExecutor.executeGoals(DefaultLifecycleExecutor.java:719) at org.apache.maven.lifecycle.DefaultLifecycleExecutor.executeGoalWithLifecycle(DefaultLifecycleExecutor.java:556) at org.apache.maven.lifecycle.DefaultLifecycleExecutor.executeGoal(DefaultLifecycleExecutor.java:535) at org.apache.maven.lifecycle.DefaultLifecycleExecutor.executeGoalAndHandleFailures(DefaultLifecycleExecutor.java:387) at org.apache.maven.lifecycle.DefaultLifecycleExecutor.executeTaskSegments(DefaultLifecycleExecutor.java:348) at org.apache.maven.lifecycle.DefaultLifecycleExecutor.execute(DefaultLifecycleExecutor.java:180) at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:328) at org.apache.maven.DefaultMaven.execute(DefaultMaven.java:138) at org.apache.maven.cli.MavenCli.main(MavenCli.java:362) at org.apache.maven.cli.compat.CompatibleMain.main(CompatibleMain.java:60) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.codehaus.classworlds.Launcher.launchEnhanced(Launcher.java:315) at org.codehaus.classworlds.Launcher.launch(Launcher.java:255) at org.codehaus.classworlds.Launcher.mainWithExitCode(Launcher.java:430) at org.codehaus.classworlds.Launcher.main(Launcher.java:375) Caused by: org.apache.maven.plugin.MojoExecutionException: Listing downloads failed: Bad credentials (401) at com.github.maven.plugins.downloads.DownloadsMojo.getExistingDownloads(DownloadsMojo.java:242) at com.github.maven.plugins.downloads.DownloadsMojo.execute(DownloadsMojo.java:280) at org.apache.maven.plugin.DefaultPluginManager.executeMojo(DefaultPluginManager.java:490) at org.apache.maven.lifecycle.DefaultLifecycleExecutor.executeGoals(DefaultLifecycleExecutor.java:694) ... 17 more Caused by: org.eclipse.egit.github.core.client.RequestException: Bad credentials (401) at org.eclipse.egit.github.core.client.GitHubClient.createException(GitHubClient.java:383) at org.eclipse.egit.github.core.client.GitHubClient.get(GitHubClient.java:470) at org.eclipse.egit.github.core.client.PageIterator.next(PageIterator.java:160) at org.eclipse.egit.github.core.service.GitHubService.getAll(GitHubService.java:136) at org.eclipse.egit.github.core.service.DownloadService.getDownloads(DownloadService.java:178) at com.github.maven.plugins.downloads.DownloadsMojo.getExistingDownloads(DownloadsMojo.java:229) ... 20 more

[acoppes]

I believe I am mistaking the private API token with an oauth token used to authenticate applications.

[acoppes]

Reading here http://developer.github.com/v3/#authentication I believe there is no way to authenticate using the API token when using the GitHub API v3.

Close the issue when you read it since it is wrong. Sorry for it.

[kevinsawicki]

No, problem, did you have any issues getting an OAuth2 token working?

[acoppes]

I am using the github-downloads-plugin to upload the artifacts of a project to its github downloads page, don't know where to get the oauth token while using mvn to deploy the artifacts, just using user/pass for now.

Maybe if there was some web application where I could get an oauth token for a while, use it when running maven to upload the artifacts and then release it. Otherwise I don't know exactly how. I am a bit green about all the oauth authentication stuff.

If you could give me some advice, I would be really grateful.

[kevinsawicki]

You can get an OAuth2 token by using the code snippet here.

You may want to update it to have the scopes needed for the types of requests being made, most likely repo scope.

You can add a line to the end of that example to print out the token (using auth.getToken()). This token can then be used with the maven-plugins.

[acoppes]

Yeah I could, but the initial idea was to try to use the API token or another token instead the user/password, if I have to login with user/password to get an oauth token to then use it when uploading the artifacts, then I prefer to use user/password to upload the artifacts (less steps).

Anyway, I was confused with the API token and the oauth token, but the main idea was trying to avoid using user/password not trying to do github stuff inside an application, thanks for your time.

[kevinsawicki]

You only need to get an OAuth2 token once, once you have it you will no longer need to use the username/password

[acoppes]

I believe OAuth2 token has alive time, so that will work only while I am inside the token life span, right?

[kevinsawicki]

No, you should be able to use the token for an unlimited amount of time once you have it

[acoppes]

I created an an Oauth2 token with scope repo following the snippet you linked, using that token when uploading artifacts worked perfectly. I will add it to my maven settings for next uploads.

If you can use this tokens forever, seems like an interesting feature to have since it is similar to the Github user API token, right?

Thanks for all the help.

[Rebaiahmed]

hello , i have problem , i wish to follow user form my app using github api , i'm using angularjs when use $http service to put $http.put(' https://api.github.com/user/following/JakeWharton') i always get 401 status

[rehevkor5]

Is that any different than using the "Personal access tokens" UI?