search

shurcooL / githubv4

Package githubv4 is a client library for accessing GitHub GraphQL API v4 (https://docs.github.com/en/graphql).
MIT License
1.11k stars 89 forks source link

GitHub App Installation OAuth Token Errors #63

Open taiidani opened 4 years ago

taiidani commented 4 years ago

Currently I have an application that leverages both the Github v3 API (using https://github.com/google/go-github) and the v4 API for a number of Pull Request checks. Until recently I was using a personal access token in both libraries for authorization, but I recently switched to a GitHub App.

Here's a snippet of how I instantiate the clients:

// NewClient will generate a configured GitHub client for use.
func NewClient(ctx context.Context) *github.Client {
    return github.NewClient(newGitHubAuth(&ctx))
}

// NewGraphClient will generate a configured GitHub client for use against the GraphQL API.
func NewGraphClient(ctx context.Context) *githubv4.Client {
    return githubv4.NewClient(newGitHubAuth(&ctx))
}

func newGitHubAuth(ctx *context.Context) *http.Client {
    // GitHub App installation
    appPem := os.Getenv("GITHUB_APP_PEM")
    if appPem != "" {
        log.Debug("Pulling credentials for GitHub App")
        itr, err := ghinstallation.NewKeyFromFile(http.DefaultTransport, appID, appInstallationID, appPem)
        if err != nil {
            log.Warning(err)
        }

        return &http.Client{Transport: itr}
    }

    // Interactive run by a user
    token := os.Getenv("GITHUB_TOKEN")
    if token != "" {
        log.Debug("Pulling credentials for GitHub Personal Access Token")
        ts := oauth2.StaticTokenSource(&oauth2.Token{AccessToken: token})
        return oauth2.NewClient(*ctx, ts)
    }

    log.Error("Unable to find GitHub credentials from the GITHUB_APP_PEM or GITHUB_TOKEN environment variables")
    return &http.Client{}
}

Note that this is using the same https://github.com/bradleyfalzon/ghinstallation library for transport-based authentication as the v3 library is using.

Shortly after deploying, the v4 client began throwing a number of could not refresh installation id ... received non 2xx response status errors from the underlying ghinstallation library...but only for the v4 library. The v3 library appears to have continued functioning.

I haven't read anything in this repository around recommended implementations of GitHub Apps. Is using ghinstallation supported? If so, any idea what may be happening?

taiidani commented 3 years ago

Update on this issue -- it continues to be a problem for our organization. The same behavior continues to occur.

dylanANZ commented 8 months ago

FYI @taiidani I set this up and it's working with the current ghinstallation v2.9.0