I would like to use the REST API of Github to manage the milestones and labels of some of my repositories, but I constantly fail to create new milestones or labels via REST. What do I miss?
I enable 2FA for my account and also create a personal access token, as it is described in Other Authentication Methods
For example I try to create a new milestone with this cURL command:
curl -X POST -v \
-H "Authorization: token MyPersonalAccessToken" \
-H "Content-Type: application/json" \
-H "Accept: application/vnd.github.v3+json" \
-d '{"title": "1", "state": "open", "description": "Milestone", "due_on": "2025-10-09T23:39:01Z"}' \
https://api.github.com/repos/obfischer/boxsack/milestones
I tried various other variants but all seems to be wrong. At least I always get only a 404 Not Found. According to the Github documentation this could also mean that my authentication failed, as Github returns a 404 Not Found response code to protect user data instead of returning a 401 Unauthorized.
But I am pretty sure that the authentication via the Person Access Token is working as I can see a user specific rate-limit headers in the response:
X-RateLimit-Limit: 5000
X-RateLimit-Remaining: 4999
Does someone have a clue why I can't create a milestone via REST?
Maybe your personal access token doesn't have the repo scope. I've just tested to send the request with a token without that scope & it also returns 404 :
< HTTP/1.1 404 Not Found
< Date: Sat, 26 Oct 2019 11:07:31 GMT
< Content-Type: application/json; charset=utf-8
< Content-Length: 125
< Server: GitHub.com
< Status: 404 Not Found
< X-RateLimit-Limit: 5000
< X-RateLimit-Remaining: 4989
< X-RateLimit-Reset: 1572091544
< X-OAuth-Scopes: [Here there should be repo] <================
< X-Accepted-OAuth-Scopes:
< X-GitHub-Media-Type: github.v3; format=json
< Access-Control-Expose-Headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type
< Access-Control-Allow-Origin: *
< Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
< X-Frame-Options: deny
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
< Content-Security-Policy: default-src 'none'
< X-GitHub-Request-Id: 87B2:23EED:36F2B7F:42647AE:5DB428F3
<
{
"message": "Not Found",
"documentation_url": "https://developer.github.com/v3/issues/milestones/#create-a-milestone"
}
Related
This question has been asked before but none of the solutions has worked for me.
I've created a bash script to register a new user on my key cloak server. The bashscript is shown below:
#!/bin/sh
RESULT=$(curl -s --location --request POST 'http://localhost:8180/auth/realms/master/protocol/openid-connect/token' --header 'Content-Type: application/x-www-form-urlencoded' --data-urlencode 'grant_type=client_credentials' --data-urlencode 'client_id=admin-cli' --data-urlencode 'client_secret=12345678-12a3-1234-bc12-d12345678910');
TOKEN=$(echo $(echo "$RESULT" | jq .access_token))
TOKEN=$(echo "${TOKEN//\"}")
echo "$TOKEN\n\n"
USER=$(curl --location -v --request POST 'http://localhost:8180/auth/admin/realms/MyMarketplace/users' --header 'Content-Type: application/json' --header "Authorization: Bearer $TOKEN" --data-raw '{"enabled":"true", "username":"app-user"}');
echo $USER;
When I run this script, I keep getting the following output:
HTTP/1.1 403 Forbidden
< Connection: keep-alive
< X-XSS-Protection: 1; mode=block
< Strict-Transport-Security: max-age=31536000; includeSubDomains
< X-Content-Type-Options: nosniff
< X-Frame-Options: SAMEORIGIN
< Content-Type: application/json
< Content-Length: 25
< Date: Fri, 17 Jul 2020 20:11:40 GMT
<
{ [25 bytes data]
100 66 100 25 100 41 974 1597 --:--:-- --:--:-- --:--:-- 1640
* Connection #0 to host localhost left intact
{"error":"unknown_error"}
I'm not sure why. Here's what I've tried:
I've made sure that the URL that I'm sending the request to is correct.
I've made sure that the username is unique and that I've provided all mandatory fields.
In the MyMarketplace realm, I added a realm role 'admin' with a client role 'manage-users' from client 'realm-management' and I assigned this realm role to my client's scope (as per the steps given in this answer)
In the Master realm, I assigned the manage-users role to the client admin-cli's scope.
None of these has yielded any results so I've run out of options.
I would greatly appreciate it if someone could help me understand what I'm missing.
use http://localhost:8180/auth/realms/MyMarketplace/protocol/openid-connect/token to obtain access_token and give admin-cli client manage-users role from realm-management client in Service Account Roles and then call http://localhost:8180/auth/admin/realms/MyMarketplace/users with access token in header and "enabled": true, "username": "user" body.
make sure your enabled boolean look like this one and dont use "" I think keycloak reads your request as String.
I think it will fix your problem.
Use and configure admin-cli client as you did, but in MyMarketplace realm. Don't use the master realm.
Can't understand how should look the following request
POST api/v1/authenticate
from here: Lingvo API
It's said: "Responds to POST request containing "Authorization: Basic
{ApiKey}" header."
I've tryend
POST https://developers.lingvolive.com/api/v1/authenticate with header ["Authorization":"BasicZjkzN2E4YTctZmUxMS00YTkxLThjMjEtYzBiOGU3NTY1Y2ZmOjk2NTUxYmI2YjRhNjRkOWRhNmQ5NTJkMzVlOWM2YjBk"]
also tried POST https://developers.lingvolive.com/api/v1/authenticate
with body
{"Authorization": "BasicZjkzN2E4YTctZmUxMS00YTkxLThjMjEtYzBiOGU3NTY1Y2ZmOjk2NTUxYmI2YjRhNjRkOWRhNmQ5NTJkMzVlOWM2YjBk"}
And every time getting 401 ;(
It would seem to me that you're just missing a space. The docs read that you should supply a header with the value:
"Authorization: Basic ZjkzN2E4YTctZmUxMS00YTkxLThjMjEtYzBiOGU3NTY1Y2ZmOjk2NTUxYmI2YjRhNjRkOWRhNmQ5NTJkMzVlOWM2YjBk"`
Rather than Authorization: BasicZjkzN2[...] as you have in your question.
I'll post my cURL output here that I used to validate my hypothesis. You're likely using a test account if you're sharing the API key on stackoverflow, but it's worth saying anyway: do not use the credentials you've shared here in production!
$ curl -X POST 'https://developers.lingvolive.com/api/v1/authenticate' -H 'Authorization: Basic ZjkzN2E4YTctZmUxMS00YTkxLThjMjEtYzBiOGU3NTY1Y2ZmOjk2NTUxYmI2YjRhNjRkOWRhNmQ5NTJkMzVlOWM2YjBk' -H 'Content-length: 0' -vvv
* Trying 40.74.55.233...
* Connected to developers.lingvolive.com (40.74.55.233) port 443 (#0)
* TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
* Server certificate: *.lingvolive.com
* Server certificate: Go Daddy Secure Certificate Authority - G2
* Server certificate: Go Daddy Root Certificate Authority - G2
> POST /api/v1/authenticate HTTP/1.1
> Host: developers.lingvolive.com
> User-Agent: curl/7.49.1
> Accept: */*
> Authorization: Basic ZjkzN2E4YTctZmUxMS00YTkxLThjMjEtYzBiOGU3NTY1Y2ZmOjk2NTUxYmI2YjRhNjRkOWRhNmQ5NTJkMzVlOWM2YjBk
> Content-length: 0
>
< HTTP/1.1 200 OK
< Cache-Control: no-cache
< Pragma: no-cache
< Content-Type: application/json; charset=utf-8
< Expires: -1
< Server: Microsoft-IIS/8.5
< X-AspNet-Version: 4.0.30319
< X-Powered-By: ASP.NET
< Date: Mon, 14 Nov 2016 14:06:46 GMT
< Content-Length: 318
<
* Connection #0 to host developers.lingvolive.com left intact
"ZXlKaGJHY2lPaUpJVXpJMU5pSXNJblI1Y0NJNklrcFhWQ0o5LmV5SmxlSEFpT2pFME56a3lNVGc0TURZc0lrMXZaR1ZzSWpwN0lrTm9ZWEpoWTNSbGNuTlFaWEpFWVhraU9qVXdNREF3TENKVmMyVnlTV1FpT2pRMkxDSlZibWx4ZFdWSlpDSTZJbVk1TXpkaE9HRTNMV1psTVRFdE5HRTVNUzA0WXpJeExXTXdZamhsTnpVMk5XTm1aaUo5ZlEuaWRQOHRGZXpCYVlHSm45MHJlU3VPRmtWSE43cnROdXVram1BdzkzN3FQQQ=="%
By the way, it looks like explicitly defining an accurate Content-length: n header is required. In this case, there is no body, so a value of 0 does the trick.
I'm trying to list all of the releases of a public repository on GitHub using their V3 API. Here's the request I'm making:
curl -is -H 'Accept: application/vnd.github.v3+json' \
https://api.github.com/repos/ffmpeg/ffmpeg/releases
The response headers I receive back are here:
HTTP/1.1 200 OK
Server: GitHub.com
Date: Fri, 29 Jan 2016 20:23:15 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 29612
Status: 200 OK
X-RateLimit-Limit: 60
X-RateLimit-Remaining: 19
X-RateLimit-Reset: 1454099558
Cache-Control: public, max-age=60, s-maxage=60
ETag: "947039722a1073c5279a9fd39d00c0bf"
Vary: Accept
X-GitHub-Media-Type: github.v3; format=json
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: ETag, Link, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-
Access-Control-Allow-Origin: *
Content-Security-Policy: default-src 'none'
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-Content-Type-Options: nosniff
X-Frame-Options: deny
X-XSS-Protection: 1; mode=block
Vary: Accept-Encoding
X-Served-By: b0ef53392caa42315c6206737946d931
X-GitHub-Request-Id: XXXXXXXXXXXXXXXXXXXXXXXXXXXX
Notice the lack of the Link response header? In the response body, I only get back around 7 releases and I can't seem to paginate forward or backward by manually specifying the ?page=N query parameter.
For some background, FFmpeg has about 226 releases present in its GitHub repository, and I'm only getting around 7 of those, unable to paginate through them.
Is there something I'm doing wrong here that would limit my responses back from the GitHub v3 API?
GitHub conflates its proprietary Releases feature with regular Git tags. Many of the "releases" that you see for ffmpeg are actually just tags.
Here is an example of a real release. Note how it contains much more information than a tag does. Despite their web UI showing tags mixed in with releases, GitHub's release API endpoint doesn't include regular tags:
This returns a list of releases, which does not include regular Git tags that have not been associated with a release. To get a list of Git tags, use the Repository Tags API.
Using the tags endpoint as GitHub suggests gives more results, and includes a Link header as you expect:
curl -is -H 'Accept: application/vnd.github.v3+json' \
https://api.github.com/repos/ffmpeg/ffmpeg/tags
curl -v --insecure -H "Authorization: Bearer A0154m48uAapcL0HYC1n.8kWdiQzwHIeh0qC3h66P2QGK0s" -H "Content-Type: application/json" https://api.paypal.com/v1/payments/payment
< HTTP/1.1 401 Unauthorized
* Server Apache-Coyote/1.1 is not blacklisted
< Server: Apache-Coyote/1.1
< PROXY_SERVER_INFO: host=slcjavapapi3029b.slc.paypal.com;threadId=39967
< Paypal-Debug-Id: b182cbfc9dd59
< CORRELATION-ID: b182cbfc9dd59
< Content-Language: *
< Date: Wed, 15 Jul 2015 22:16:05 GMT
< Content-Type: text/xml
< Content-Length: 0
Even though other endpoints work just fine, such as
curl -v --insecure -H "Authorization: Bearer A0154m48uAapcL0HYC1n.8kWdiQzwHIeh0qC3h66P2QGK0s" -H "Content-Type: application/json" https://api.paypal.com/v1/identity/openidconnect/userinfo/?schema=openid
< HTTP/1.1 200 OK
< Date: Wed, 15 Jul 2015 22:19:59 GMT
* Server Apache-Coyote/1.1 is not blacklisted
< Server: Apache-Coyote/1.1
< Paypal-Debug-Id: b93fbda0effed
< Content-Type: application/json;charset=UTF-8
< Content-Length: 107
< Set-Cookie: Apache=10.73.8.97.1436998799550367; path=/; expires=Fri, 07-Jul-45 22:19:59 GMT
< Vary: Accept-Encoding
Other endpoints work fine as well. It seems the payments listing always returns 401.
When you go live with your application to process direct credit card payments, you will need to make sure you are approved for live direct credit card payments.
A quick way to check is to log in at the Developer Site > go to My Account > under Live, click Enable next to Direct Credit Card.
Make sure you are using your Live Client ID and Secret.
Go Live With PayPal Payments
I am unable to upload any tracks larger than about 7MB (413 Request Entity Too Large is returned). This functionality was previously working and the soundcloud api states that tracks can be upto 500MB.
Here is an example using curl with a successful upload(4.9MB) and an unsuccessful one(7.4MB)
I have provided dropbox links to the tracks(my own production, so no copyright issues!!!) if anyone wants to try to replicate. You will need to add your oauth_token.
successful upload = 4900kb_307sec_128kbps_44100hz.mp3
curl -i -X POST "https://api.soundcloud.com/tracks.json" \
-F 'oauth_token=********' \
-F 'track[asset_data]=#4900kb_307sec_128kbps_44100hz.mp3' \
-F 'track[title]=A 4.9MB track' \
-F 'track[sharing]=public'
HTTP/1.1 100 Continue
HTTP/1.1 201 Created
Access-Control-Allow-Headers: Accept, Authorization, Content-Type, Origin
Access-Control-Allow-Methods: GET, PUT, POST, DELETE
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Date
Age: 0
Cache-Control: no-cache
Content-Type: application/json; charset=utf-8
Date: Wed, 06 Nov 2013 18:22:57 GMT
Location: https://api.soundcloud.com/tracks/118866401
Server: nginx
Via: 1.1 varnish
X-Cache: MISS
X-Cacheable: NO:Cache-Control=no-cache
X-Runtime: 436
X-Varnish: 3652774389
Content-Length: 1623
unsuccessful upload = 7400kb_307sec_192kbps_44100hz.mp3
curl -i -X POST "https://api.soundcloud.com/tracks.json" \
-F 'oauth_token=********' \
-F 'track[asset_data]=#7400kb_307sec_192kbps_44100hz.mp3' \
-F 'track[title]=A 7.4MB track' \
-F 'track[sharing]=public'
HTTP/1.1 100 Continue
HTTP/1.1 413 Request Entity Too Large
Date: Wed, 06 Nov 2013 18:23:21 GMT
Server: ECS (lhr/4799)
Content-Length: 0
Connection: close
thanks
We have the same issue with soundcloud. Seems to be an issue in their nginx.conf (webserver
configuration).
Please contact Soundcloud support for developers.
Was an issue in SoundCloud API routing. Has been fixed now.
For details see comments at:
Soundcloud: increased 413 failures (Request Entity Too Large) on upload