Menu
I manually created a token in Github -> Settings -> Personal access tokens -> Generate new token and chose only repo scope.
This token works fine, so with it I can push into organization I have write privileges.
Then I want to do the same (get an access_token) by github-api.
params = dict(client_id=client_id,
client_secret=client_secret,
code=code)
url = url_concat("https://github.com/login/oauth/access_token", params)
req = HTTPRequest(url,
method="POST",
headers={"Accept": "application/json"},
body="")
As a result I have such json:
{
'scope': 'repo',
'token_type': 'bearer',
'access_token': 'xxxxxxxx10755fbb6c281e92902ed122144886c5'
}
It is as everything correct, but I can't push into organization repos where I have write privileges. I can push only into my own repos.
Could you help? Any idea where is a mistake or inaccuracy is welcome.
694
Obtaining your GitHub personal access tokenSign in to your GitHub account. Change the settings for your GitHub profile by clicking your profile image in the upper right, and then click Settings. At the bottom of the left menu, in the Developer settings section, click the Personal access tokens link.
You can find a list of all your personal access tokens in https://github.com/settings/tokens . Make a note of the following information: GitHub token name.
So if you want to do this via GitHub's API, your request needs to change.
First you need to be using the /authorizations endpoint like so:
POST /authorizations
Authorization: Basic ...
Content-Type: application/json
Content-Length: ...
{
"scopes": [
"repo",
"write:org"
],
"note": "Example from StackOverflow by @sigmavirus24",
"client_id": "Your client_id here",
"client_secret": "Your client_secret here",
"fingerprint": "1234",
}
This should then return a 201 Created response with a body like so:
{
"id": 72249124,
"url": "https://api.github.com/authorizations/72249124",
"scopes": [
"repo",
"write:org"
],
"token": "abcdefgh12345678",
"token_last_eight": "12345678",
"hashed_token": "25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8",
"app": {
"url": "http://my-github-app.com",
"name": "my github app",
"client_id": "abcde12345fghij67890"
},
"note": "optional note",
"note_url": "http://optional/note/url",
"updated_at": "2017-02-08T20:39:23Z",
"created_at": "2017-02-08T17:26:27Z",
"fingerprint": "1234"
}
Except it will be real.
That said, it appears that you're trying to use the endpoint that allows GitHub to be used as an authentication provider. In other words, you're building an application that allows users to sign-in with GitHub. If that's the case, then you need to specifically follow the Web Application Flow for OAuth.
In that case, you're part of the way there but you're sending the wrong parameters.
First you make a GET request:
GET https://github.com/login/oauth/authorize?client_id=<your-client_id>&scopes=repo%20write:org&state=something-random
Then you will receive data back from GitHub which you must use in your POST
POST https://github.com/login/oauth/access_token?client_id=<your-client_id>&client_secret=<your-client_secret>&code=<code-from-github>
Accept: application/json
After that, any request you make must have
Authorization: token <token-received-in-response-to-POST>
Cheers!
107
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
