Giters

fastai / ghapi

A delightful and complete interface to GitHub's amazing API

Home Page:https://ghapi.fast.ai/

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Starting example results in 404, should specify JWT to make it work

grjzwaan opened this issue · comments

commented

The simple example results in a 404 error:

api = GhApi(owner='owner', repo='repo', token='<YOUR-TOKEN>')
pulls = api.pulls.list()

but with curl it works (from GitHub docs):

curl \
  -H "Accept: application/vnd.github+json" \ 
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  https://api.github.com/repos/OWNER/REPO/pulls

The following works:

api = GhApi(owner='owner', repo='repo', jwt_token='<YOUR-TOKEN>')
pulls = api.pulls.list()

The personal access token has scopes for repo, workflow, gist and notifications.

Cause

It seems the API call to GitHub expects a different header. The example on GhApi sets Authorization: token <YOUR-TOKEN> but the example on GitHub specifies Authorization: Bearer <YOUR-TOKEN>. On https://docs.github.com/en/rest/overview/other-authentication-methods this is expanded upon with the note:

Note: In most cases, you can use Authorization: Bearer or Authorization: token to pass a token. However, if you are passing a JSON web token (JWT), you must use Authorization: Bearer.

Reading the docs I assume the header Authorization: token <TOKEN> is fine, but the above experimentation indicates otherwise.

Conclusion

I have no clue why 'my' token is regarded as a JWT token here, and in the example of GhApi not. For me it works, but I couldn't find a reason. Perhaps it helps someone searching for this, but I'm also interested to known if it is a setting or ...