So, As github is deprecating authorization through access_token query param, we were sent a mail from github that a call has been made with access_token in query param and were asked to update things to include authorization info in request headers.
We are suspecting that the api call is made from Jira confluence app from the github integration that was done by admin which we don't have control over.
So, just trying to debug things here. Does anyone know how Jira confluence internally communicates with Github servers using access_token to update pull requests and commits etc in Jira tickets?
If this is not the correct domain for this please move it to the right one.
It is very possibly the Github/Jira integration. This bug ticket was resolved in August but based on the comments there it's not completely fixed or released.
This issue has some back-and-forth but this comment clears things up: it looks like GitHub recommends uninstalling the old Jira integration and using the one GitHub maintains instead.
Related
At my company, we have a CLI which allows our customers to upload data to our backend solution. The CLI runs on PR changes within a job. Let's assume the uploaded data looks like this:
{
name: "John",
age: 20,
}
Once the upload is completed, I'd like to create a comment on the PR with to following body:
John is 20 years old.
I've found the following ways to do this:
GitHub App (a bot)
GitHub OAuth App
Personal Access Token
GITHUB_TOKEN
GitHub App
The GitHub App needs to do the following things:
Fetch the data via a user-specific API key
Create a comment
I already created a comment via a bot, but I have no clue how to fetch the data.
As far as my understanding goes, I'd like other users to be able to install this GitHub app from the marketplace to work out of the box. From the ProBot Docs I understand that the bot operates on a webhook basis. Meaning I need to subscribe to a 'job completed' event (not sure if that's the correct name but I think you get the idea) and then fetch the data via a user-specific API we are providing on our platform. However, I see no way for the user of our App to configure an API key (or any form of secret) so the bot can make authenticated requests to our endpoints.
I'd prefer to use GitHub App because the comment coming from the bot would have our company branding and also an indicator that this comment has been created by the integration.
OAuth App
I already tested this by using Postman, however, the comment looks like it's coming from a specific user. Therefore, it has no company branding and it's not clear that an integration created the comment. However, the great part is that we could integrate this with our application, so our backend could create the comment once the data is received.
What I like about this approach is that we also need to implement such a feature for GitLab, Azure, etc, and using OAuth likely scales well with the other providers in comparison to the GitHub app, which is GitHub-specific.
Personal Access Token
Works pretty much like the OAuth App, but instead of our backend creating the comment, the comment is created by the CLI (and the access token is passed into the CLI). However, I think this approach is a bit sketchy.
GITHUB_TOKEN
While I haven't tried this yet, I assume that the token has limited but sufficient permissions to create a comment. As of now, I don't know what the comment will look like, but I think we can rather safely pass this into the CLI to create the comment from there. Since the permissions are limited and the token is invalidated after the workflow I see limited risk for the user of our CLI (and services).
Edit: The comment is coming from the github-actions bot, which is not the branding we are looking for, but it's clear that the comment has been created by the integration.
Questions
What's the best way to accomplish what I am trying?
Is there any way I can make this work with GitHub Apps (aka bots)?
I referred this Microsoft document "MS Rest API documentation for wiki" and was able to get all the pages available in wiki. I was trying to get the published author and published time related information for which there is no available reference.
Is there any Azure DevOps Rest API available to get this information?
Azure Devops - How to get published information of a wiki page using Rest API
I am afraid there is no such REST API at this moment, however you can track it by tools such as Fiddler or press F12 in Chrome browser then select Network.
On the web UI, we could access the View revisions of the Wiki:
We could get the history of this Wiki:
Then we press F12 and click the first history, we could get the REST API like below:
https://dev.azure.com/<OrganizationName>/<ProjectName>/_apis/git/repositories/<WikiName>/Commits/<CommitsId>?
But, if we want to automate it by REST API, This seems impossible at the moment.
To automate it, we need to get the first commit ID for the Wiki, I could use the REST API:
https://dev.azure.com/<OrganizationName>/<ProjectName>/_apis/git/repositories/<WikiName>/Commits/?
Now, I could get the all the commits, but those commits for all Wiki files, and there are no other parameters that can be used to filter out which wiki document the commit is associated with. So, we could not get the first commit for each wiki automatically. That is the current limitation.
Hope this helps.
You can get commits from specific pages: searchCriteria.itemPath=
Here is doc:
https://learn.microsoft.com/en-us/rest/api/azure/devops/git/commits/get-commits?view=azure-devops-rest-6.0
Wiki page path will be: /WikiName/Folder--Name/Page-Name.md
Keep in mind that space in page name or folder name you need to replace with '-'. Also add extension to the page '.md'
Our organization is moving away from Gitlab to Github enterprise. and this would involve authentication specific changes for our app.
Our app includes a front end. With every event on the front end, an api* call is made. This API in turn currently hits Gitlab (using gitlab's api) and a private token to commit/branch/push/pull on the repo.
Now, I am trying to work up a similar structure when we migrate to github. From what I have read, github uses oAuth2.0 to authenticate.
Following the documentation, I have followed following steps until now :
Created an organization.
Added a sample repo to it.
Registered my api* (the entity that interacts with the front end) with the organization. This helped me generated a client_id and client_secret.
Now, I have been trying to retrieve an oAuth token using github v3 api but I end up getting an exception :
"message": "Requires authentication"
So I am pretty confused now on where to go from here. May be I understood it all wrong ?
If somebody could aide me with this or suggest an alternative, that shall be great.
Given a GitHub issue, is there any way to get the pull requests that reference to that issue via API?
That info is showed in the GitHub html page but I can't see nothing in the API documentation.
Is it really possible?
is there any way to get the pull requests that reference to that issue via API
Not directly.
Even the reverse is not possible, as a pull request has a link 'issue' pointing to... itself.
But as mentioned in the issue API:
In the past, pull requests and issues were more closely aligned than they are now.
As far as the API is concerned, every pull request is an issue, but not every issue is a pull request.
This endpoint may also return pull requests in the response. If an issue is a pull request, the object will include a pull_request key.
So you would need to list the comments of a pull request (using the Issue Comments API since comments on PR are done with it), and parse said comment to find a reference to an issue.
Using this link I can see that my (tonylampada) id on github is 218821
https://api.github.com/users/tonylampada
How could I do the opposite? Given the user id = 218821, what's the username?
Update
Answering nulltoken here because it's a long story and it won't fit in a comment.
FreedomSponsors is a django application that uses django-social-auth to enable login with Github (and others).
(You should check it out, btw, please see the about page in the blog :-)
Django-social-auth has a configuration flag that allows the application to store the github username on the database.
A few days ago I deployed a new version of FS with github login enabled, but with "storeGithubUsername" set to false.
A few users registered their github accounts, and now the database has their github ids, but not their usernames.
You can se in my profile that I have github as a "connected account" but there's no link to my github page.
I need it to make the link point to https://github.com/tonylampada
I'm ready to deploy a new version that fixes this, by setting the "storeGithubUsername" (that's not what it is called, I'm just simplifying here) to true.
But I'd like to patch the database with the already github-registered users. I have their github ids, but not their github usernames.
We need to do this on Gitter to deal with the situation where a user has changed their username on GitHub and we get a 404 response when querying their old username.
Here's an undocumented endpoint, so use as your own peril, but it does work for now.
Use the endpoint: https://api.github.com/user/:id, where :id is the ID of the user.
Similar endpoints exist for repos and orgs, at
https://api.github.com/repositories/:id and https://api.github.com/organizations/:id respectively.
Note that the new repository redirects preview API only supports repositories, not renamed users or organizations. In fact, the HTTP 301 redirect actually points to https://api.github.com/repositories/:id, so there's a good chance that these "ID" endpoints may in fact become official soon.
There's no documented feature, nor undocumented ones that I know of, that expose the retrieval of the username from the id. From the GitHub API consumer perspective, the user id is an "implementation detail". The real key is the username.
From what I understand, you only require a batch of usernames given a list of ids. And this would be a one time only request, not a permanent need.
As your request seems legit and limited in its scope, you might get this answer directly from GitHub support by dropping them an email at support#github.com.
Indeed, xpaulbettsx, a GitHubber, even tweeted about this:
Support# is good for Anything you want to tell GitHub - bugs, features, high 5s; everything but security which go to security#
By the time I answer this question, the method that works is:
https://api.github.com/user/USER_ID
Remark: It is similar to what Andrew shared in 2015; you just have to remove the colon in the URL he shared.