Issue of Authentication using GitHub API - github

I am trying to authenticate a user by GitHub API.
I've tried on two methods, Authentication via username and password and via personal access token(PAT) like this;
curl -u devmania1223 https://api.github.com/user /*via username and password*/
curl -u ghp_I60uniHdf6UKDCkyde1InP7kwRwsw2fD0wx https://api.github.com/user /*via personal access token*/
Inputted username and password, PAT correctly, but the response is not right.
{
"message": "Requires authentication",
"documentation_url": "https://docs.github.com/rest/reference/users#get-the-authenticated-user"
}
So, What's wrong with curl command?

Try and use the token as password:
curl -i -u your_username:$token https://api.github.com/users/octocat
Don't forget the other option: gh (the GitHub cli/cli), using gh auth login
# authenticate against github.com by reading the token from a file
$ gh auth login --with-token < mytoken.txt

Let's say that your personal access token is 55a6f290558d11ecbeaf787b8ab956b4. Now, make a request using the GitHub API, put the token into the "Authorization" header:
/usr/bin/curl -H "Authorization: Bearer 55a6f290558d11ecbeaf787b8ab956b4" https://api.github.com/user
Why? Well, the type of token that GitHub gives to you is called "OAuth 2.0" token, and you just have to use it this way.

Related

Github api request returning bad credentials even with admin privledged oauth token

I am trying to make a call https://api.github.com/repos/OWNER/REPO/actions/runners/registration-token with an users personal access token that has repo permissions.
To do so I am testing with:
curl -I -X POST -H "Authorization: token <OAUTH_TOKEN> Accept: application/vnd.github.v3+json" https://api.github.com/repos/<owner>/<repo-name>/actions/runners/registration-token which gives me Bad Credentials error
curl -I -H "Authorization: token <OAUTH_TOKEN>" https://api.github.com/users/<USER_NAME> ->
x-oauth-scopes: repo
x-accepted-oauth-scopes:
According to this: https://docs.github.com/en/rest/actions/self-hosted-runners I need to provide an oauth token with repo access.
If I curl the user curl -H "Authorization: token <OAUTH_REPO_TOKEN>" https://api.github.com/users/<USER>/repos -> []. But if I go to the repo and check settings -> Collaborators And Teams, the user is listed as part of the team with admin privledges, and I have also added an entry for the user directly.
Is there something I am missing? What permissions do I need to add to fix this?
I needed to call the API with a user name as well. For example:
curl -I -X POST -u <USER>:<OAUTH_REPO_TOKEN> -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/<owner>/<repo-name>/actions/runners/registration-token. Passing a -v option reveals that it was not setting a username, and causing github to reject the call.

How to self revoke token via vault api?

When i try to revoke a self token using api method i'm getting permission denied error
curl -H "X-Vault-Token: s.XXXXXXXXXXXXXXYYYYYYYYYYYY" -X GET $VAULT_ADDR/v1/auth/token/revoke-self
{"errors":["1 error occurred:\n\t* permission denied\n\n"]}
But if i login using same token and try via cli it is working as expected
$ vault token revoke -self
Success! Revoked token (if it existed)
Is it working as expected? or am i trying to use in a wrong way?
Use the "POST" request instead of the "GET" one:
curl -H "X-Vault-Token: s.XXXXXXXXXXXXXXYYYYYYYYYYYY" -X POST $VAULT_ADDR/v1/auth/token/revoke-self

How do we retrieve user ID and iam token with below curl request?

As a federated user, it must use an API key or one-time passcode to authenticate. I have tried to execute that the below curl request:-
Example :-
Input :-
curl -s -u 'bx:bx' -k -X POST --header 'Content-Type: application/x-www-form-urlencoded' --header 'Accept: application/json' -d "grant_type=password&response_type=cloud_iam,ims_portal&username=${1}&password=${2}&ims_account=${3}" https://iam.ng.bluemix.net/oidc/token
Output :-
"errorMessage":"You cannot authenticate with user name and password, as you are a federated user","errorDetails":"Your user id '<<><><>>' is federated and must use an API key or one-time passcode to authenticate"
But how we authenticate the user to generate the iam_token and iam_user_id?
Reference :-
https://softlayer.github.io/rest/IBMidtoSLKey/
The code snippet you reference from the SoftLayer guide has the result of setting the SoftLayer Username and API key:
echo "SL_USERNAME: $SL_USERNAME"
echo "SL_API_KEY: $SL_API_KEY"
This is a roundabout way to find the same information that is listed as API Username and Authentication Key seen in your User Profile. If you do not see an API username and Authentication Key, you can create one on the Actions menu next to your name in the User List.
You can then execute Infrastructure APIs, which I expect is the ultimate goal.
export IAAS_USERNAME=<API Username>
export IAAS_KEY=<Authentication Key>
curl -u $IAAS_USERNAME:$IAAS_KEY https://api.softlayer.com/rest/v3/SoftLayer_Account/getAllBillingItems
It's unclear if the discussion around IAM tokens is necessary. Please provide more guidance on what you're trying to achieve if the above suggestion is insufficient.

How to create a github.com repository over HTTP API?

According to the general instruction to the github.com API and the explanation of the create command
curl -u "krichter722" https://api.github.com # works (returns JSON response)
curl -d '{"name":"test"}' https://api.github.com/user/repos/
should work and create a repository, but the second command fails with
{
"message": "Not Found",
"documentation_url": "https://developer.github.com/v3"
}
I found Using `curl` to create a repo on GitHub.com with two-factor authentication which resolves an issue caused by missing parts in the request for two-factor authentication.
Other questions, like "Bad Credentials" when attempting to create a GitHub repo through the CLI using curl, indicate that the URL is correct (the creation fails due to bad credentials according to error message in this case).
You can do it as follows:-
curl -u "$username:$token" https://api.github.com/user/repos -d '{"name":"'$repo_name'"}'
You can find personal access token in Github Settings -> Application, replace username with your username and repo_name with repository name.
Note:- You might need to create personal access token if you haven't used it earlier.

How to search using GitHub API in private organizations

I have a private organization GitHub (enterprise) repository, e.g. github.mycompany.com.
I want to search strings in code using the GitHub API. How do I search in mycompany-specific GitHub repositories?
I tried the query below and received 404:
curl -i -H "Authorization: token <token>" https://github.mycompany.com/api/v3/search/code?q=class
It seems to be authenticating fine, since I tried curl -u <userName> and
If I give the wrong password, I get an authentication error.
If I give the right password, it goes through, but returns 404 for the search query.
Currently, the Search API is still in preview on GitHub Enterprise. As a result, you need to specify a special media type in the Accept header to get things working.
Give this a try:
curl -i -H "Accept: application/vnd.github.preview+json" -H "Authorization: token <token>" https://github.mycompany.com/api/v3/search/code?q=class