This seems to be answered elsewhere but using the same command as other answers I still get a 404.
I'm trying to test creating a file with GitHub's v3 API. Whether I use curl or a rest api tester I get a 404 "not found" error. I believe I am getting properly authorized as I can check my rate count and it is counting down from 5,000 (the rate limit you get when authorized).
I can do a GET like so:
curl -X GET -H "Authorization: token <mytoken>" https://api.github.com/repos/<myorg>/<myrepo>/contents/testfile
My PUT is like so:
curl -X PUT -H "Authorization: token <mytoken>" https://api.github.com/repos/<myorg>/<myrepo>/contents/newfile -d "{'message': 'Initial Commit','content': 'bXkgbmV3IGZpbGUgY29udGVudHM='}"
I've also tried this:
curl -X PUT -H "Authorization: token <mytoken>" https://api.github.com/repos/<myorg>/<myrepo>/contents/test.txt -d "{'path': 'test.txt', 'branch': 'dev', 'message': 'Initial Commit', 'committer': {'name': '<myname>', 'email': '<myemail>'}, 'content': 'bXkgbmV3IGZpbGUgY29udGVudHM='}"
So to recap, GET seems to work. PUT seems to not work. If anyone can help please do. If I get no answer, someone please tell my story.
Turns out, I'm just a moron. I was using the personal access token (PAT) of a user that had read-only access to my repo. Using a PAT of someone that had write access worked just fine. Who knew?
Sorry about that, internet. I'll never doubt you again.
I was creating an API wrapper and my input path had an extra leading "/" I removed the forward slash and no more error 404.
So, look for typos in the request URL, especially if your path constructor places a trailing slash. Good constructors usually take care of this case, but clearly not all.
Related
I have a script that I'd like to be able to access via a curl command against its https://raw.githubusercontent.com/... location. Using git.io, it's really easy to shorten this URL to something like https://git.io/ABCDE.
But there's an issue related to the fact that my script exists in a private repository. If I directly curl against the githubusercontent URL, I get 404: Not Found. I'm able to bypass this by passing an authorization header with the request, e.g.
$ curl -H "Authorization: token <My Github Personal Access Token>" \
https://raw.githubusercontent.com/...
> !#/bin/bash
... # rest of script
However, when I use my shortened URL, I don't get anything back. Not even a 404.
$ curl -H "Authorization: token <My Github Personal Access Token>" \
https://git.io/ABCDE
$
Anyone know what's going on here?
The way a URL shortener works is that it issues some sort of 3xx-series HTTP status code that redirects you to the new location, and then you make your request against that new location. However, by default, curl does not follow redirects, so all you see when you make your request is the output from git.io, which in this case is nothing.
If you want to follow redirects, then you should use the -L option to curl, which will make it follow redirects. Note that this can be insecure in many cases when passing credentials, since any credentials passed with -H will be passed to any remote server that the data is redirected to. In this case, that's what you want, but it can be a security problem in other cases if the credentials were only intended for the original server.
I'm trying to send a POST request to the GitHub API to submit a comment on a commit.
According to the documentation, all that's needed (other than the URL params) is the body.
I have modified the example from the docs to the following:
curl \
-X POST \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/repos/dchacke/test/commits/9b7413350932dd3f2906c0fdd26106c35c7ce450/comments \
-d '{"body":"test comment"}'
That should post a test comment to this commit. I know the commit and the owner and repo exist (it's my repo and I can see the commit under that URL), and yet I'm getting a 404 with the following response body upon submitting that API request:
{
"message": "Not Found",
"documentation_url": "https://docs.github.com/rest/reference/repos#create-a-commit-comment"
}
The documentation makes no mention of authentication being required for that endpoint. A 404 doesn't exactly sound like an authentication problem, but just in case GitHub doesn't want to confirm the existence of repos/commits to unauthenticated users (though they do let them see those things on their website...), I tried setting a personal access token in an additional Authorization header in my CURL request. No dice.
What am I doing wrong?
Authentication was the issue after all. I had to make sure I used a token with the right privileges. In this case, it needed the public_repo privilege, which can be set up here.
I'm trying to use the relatively new PayPal Sync API to download my PayPal transactions. I'm following the Sync API guide. I started by logging into the PayPal Developer Dashboard My Apps & Credentials page, scrolling to the REST API apps section, creating an app, clicking on it, and enabling Transaction Search for both the Sandbox and Live accounts.
I then used the Sandbox account's Client ID and Secret to generate an Access Token. I confirmed that the Client ID and Secret are correct and active. My cURL command is below (note that I'm using cURL on Windows 10):
curl -v https://api.sandbox.paypal.com/v1/oauth2/token ^
-H "Accept: application/json" ^
-H "Accept-Language: en_US" ^
-u "<my-client-id>:<my-secret>" ^
-d "grant_type=client_credentials"
I received a response similar to the following (I added the formatting):
{
"scope":"https://uri.paypal.com/services/reporting/search/read
https://api.paypal.com/v1/payments/.*
https://uri.paypal.com/services/applications/webhooks
openid",
"nonce":"2018-04-04T02:20:02Z...",
"access_token":"<my-access-token>",
"token_type":"Bearer",
"app_id":"<my-app-id>",
"expires_in":32400
}
I then took the Access Token and copied it into the sample command on the Sync API guide page. Here is the command I ran:
curl -v -X GET https://api.sandbox.paypal.com/v1/reporting/transactions?transaction_id=5TY05013RG002845M&fields=all&page_size=100&page=1 ^
-H "Content-Type: application/json" ^
-H "Authorization: Bearer <my-access-token>"
I received the following error response:
< HTTP/1.1 401 Unauthorized
...
< Content-Length: 244
< Connection: close
< Content-Type: application/json
<
{
"name":"AUTHENTICATION_FAILURE",
"message":"Authentication failed due to invalid authentication credentials or a missing Authorization header.",
"links":[{
"href":"https://developer.paypal.com/docs/api/overview/#error",
"rel":"information_link"
}]
}
I tried many things to correct this error, including:
Adding a "Accept: application/json" and "Accept-Language: en_US" header to the command.
Creating a new Secret and generating a new Access Token.
Creating a new App with a new Client ID & Secret and generating a new Access Token.
Disabling Transaction Search, re-enabling it, and sending the command again.
Trying in the Live account.
Each of these attempts produced the same result. I noted that in the scope section of the access token response that it doesn't include a path similar to the stated path for the Sync API (/v1/reporting/transactions). However, that's just an observation, and I'm not sure if that is relevant.
I read through the entire Sync API guides and documentation about five times, and I searched Google and StackOverflow pretty thoroughly. I'm seeing evidence that some people are getting past the initial connection to Sync API, so I'm fairly certain this API works.
Can someone help me understand what I'm missing? Could it just be that I need to wait a day or two for their systems to catch up? PayPal's Developer documentation is not very user-friendly, and their Developer Dashboard is extremely glitchy.
I had this same issue. Putting double quotes around the URL solved it for me. The other API endpoints worked (authentication, authorizations/xyz) because they didn't have any special URL characters in them. In the transaction search, the query string delimiters were being parsed by Bash.
Your curl lines above become:
curl -v -X GET "https://api.sandbox.paypal.com/v1/reporting/transactions?transaction_id=5TY05013RG002845M&fields=all&page_size=100&page=1" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer <my-access-token>"
Hope that helps someone.
It appears that this error may be caused by either cURL or the way I'm using it. On a hunch, I used Hurl.it to execute this sample request, and the request was successful (HTTP 200). I then tried another request where I searched for all transactions in a given date range, and that was also successful. I'm going to mark the question answered.
I, basically, have two related questions.
In my case, I have a global Mongo authentication as admin with the password pass. I implemented my BCryptAuth as described in this answer, so I can create users without any authentication like this:
curl -d 'username="barack"' -d 'password="obama"' http://0.0.0.0:5000/users/?pretty
Then, I can access my api using my Mongo authentication like this:
curl -u admin:pass http://0.0.0.0:5000/users/?pretty
But I cannot use any of my new user's credentials to get any data. So, the request
curl -u barack:obama http://0.0.0.0:5000/users/?pretty
does not work. I always get 401:
{
"_status": "ERR",
"_error": {
"code": 401,
"message": "Please provide proper credentials"
}
}
In this example, after implementing basic authentication, the request is the following:
curl -H "Authorization: Basic YWRtaW46c2VjcmV0" -i http://example.com
It is not clear for me what the token after the Basic keyword is. I also tried to use this format in my case, but nothing works.
So, the first question is, what must be the format of the request as the barack user with the password obama for the BasicAuth?
Also, I am trying to implement the TokenAuth. Then the second question is, what is the format of the request with the token?
I could not find any clear information about this.
UPDATE
Thanks to #gcw, I figured out how to make the request using the Authorization header.
Couple of remarks:
The Base64 decoding on linux is done with echo '<base64encodedstring>' | base64 -d. The -D is the macos option.
The Base64 encoding is done with: echo -n '<string>' | base64. The -n is important - it drops the new line character, which is by default included in the <string>.
But I still was not able to use my newly created users to login to the api.
The Authorization header must have the admin:pass information in base64 format. If you check the contents of YWRtaW46c2VjcmV0 by decoding it with echo "YWRtaW46c2VjcmV0" | base64 -D you can see that it is admin:secret. Try to use your credentials in base64 format to see if that works. Also, you can generate the Authorization header using Postman Basic Auth tab.
About using the TokenAuth, you can use Bearer instead of Basic to pass your token in base64 format. This answer here explains some details about different HTTP authentication methods.
I’m trying to use the Github v3 API - I already implemented the required OAuth flow and it works well.
Now I’m trying some of the Repos API endpoints (http://developer.github.com/v3/repos/).
So far, I’m able to get a List of my repos using: GET /user/repos
However, when I try to create a repo using POST /user/repos, I get a 404.
Any thoughts what I might be doing wrong?
Joubert
Can you please tell us how exactly you did the HTTP request? The 404 sounds like you were using a wrong path, probably. But to give a reliable answer instead a wild guess, we need to see your request, including how you are sending your token, just mask it with 'xxx' or something.
I'll show you in the meantime an example request, that is working:
curl -XPOST -H 'Authorization: token S3CR3T' https://api.github.com/user/repos -d '{"name":"my-new-repo","description":"my new repo description"}'
You would need to replace the OAuth token of course: S3CR3T
I had the same issue. The reason why you are getting a 404 with your oauth access token is that when you authorize to github you need to also additionally pass the scopes you want. For example, in the header you should see "X-OAuth-Scopes: repo, user", which means this user has read/write access to his profile and repositories. Once you have set the correct scopes you should be able to do POST/PUT requests just fine.
To see whether or not you have the correct permissions. You can do something like the following. Substitute the XXXXXXX with your access token.
curl -I https://api.github.com/user?access_token=XXXXXXXX
For creating repositories as a user you can use an personal access token and basic auth, which can be much simpler when you are fluffing around on the command line and have 2FA enabled.
curl -d '{"name":"test"}' -u githubuser:personaccesstoken https://api.github.com/user/repos
Create a personal access token here https://github.com/settings/tokens and make sure it has the 'repo' scope.
This script lets you read in in the token and project name as variables so you can use it in a script
#!/usr/bin/env bash -u
#
TOKEN=`cat token_file`
PROJECT=myproject
curl -X POST -H 'Content-Type: application/x-www-form-urlencoded' -d '{"name": "'"$PROJECT"'"}' https://api.github.com/user/repos?access_token=$TOKEN