Probot: 401 Unauthorized repsonse from GitHub API

Created on 16 Jul 2017  路  4Comments  路  Source: probot/probot

I've followed the steps outlined in the development guide and have a template-derived instance deployed to Heroku.

$ heroku config

APP_ID:         3503
PRIVATE_KEY:    -----BEGIN RSA PRIVATE KEY... (REDACTED)
WEBHOOK_SECRET: development

Public App URL: https://github.com/apps/electron-probot

The app is configured with generous read-only permissions and installed with access to a single repository, https://github.com/zeke/electron-i18n

Here's the plugin code (see https://github.com/electron/electron-probot/blob/2f7e81a14b834c161193387ff610523b6bb10897/index.js):

module.exports = robot => {
  robot.log('Yay, the plugin was loaded!')

  robot.on('push', async context => {
    robot.log('push')
    robot.log(context)
  })

  robot.on('issues.opened', async context => {
    robot.log('issues.opened')
    robot.log(context)
  })
}

When I heroku logs --tail and then open a new issue on zeke/electron-i18n, I see the following:

2017-07-16T04:04:56.289908+00:00 heroku[router]: at=info method=POST path="/" host=electron-probot.herokuapp.com request_id=729f0d67-2e26-4c35-9610-863e6920668c fwd="192.30.252.42" dyno=web.1 connect=1ms service=18ms status=200 bytes=156 protocol=https
2017-07-16T04:04:56.377629+00:00 app[web.1]: 04:04:56.377Z ERROR PRobot: {"message":"Invalid credentials","documentation_url":"https://developer.github.com/v3"}
2017-07-16T04:04:56.377646+00:00 app[web.1]:   err: {
2017-07-16T04:04:56.377647+00:00 app[web.1]:     "code": 401,
2017-07-16T04:04:56.377648+00:00 app[web.1]:     "status": "Unauthorized",
2017-07-16T04:04:56.377649+00:00 app[web.1]:     "message": "{\"message\":\"Invalid credentials\",\"documentation_url\":\"https://developer.github.com/v3\"}"
2017-07-16T04:04:56.377649+00:00 app[web.1]:   }

Notes:

  • [x] Webhooks are definitely hitting the app, because the 401 error doesn't show up in the logs until I take an action on the target repository.
  • [x] The PRIVATE_KEY env on Heroku looks like the one in the .pem file.
  • [x] The APP_ID is correct
  • [x] The WEBHOOK_SECRET is set to development in the env and the app settings.

Any ideas what might be missing, or tips on further debugging?

Most helpful comment

@zeke and I screen-shared on this today to try to debug it. The solution was to regenerate the private key. I don't really have an explanation for why that would fix it.

FYI @kytrinyx for GitHub App friction

All 4 comments

@zeke and I screen-shared on this today to try to debug it. The solution was to regenerate the private key. I don't really have an explanation for why that would fix it.

FYI @kytrinyx for GitHub App friction

Thanks for the help!

Tried regenerating, can anyone help?

1:00:51.381Z  INFO probot: Yay, the app was loaded!
11:00:51.462Z  INFO probot: Forwarding https://smee.io/xHmFvXWDHJx23b1 to http://localhost:3000/
11:00:51.466Z  INFO probot: Listening on http://localhost:3000
11:00:52.573Z  INFO probot: Connected https://smee.io/xHmFvXWDHJx23b1
11:00:52.580Z ERROR probot:
  Promise {
    <rejected> { [Error: {"message":"A JSON web token could not be decoded","documentation_url":"https://developer.github.com/v3"}]
    message: '{"message":"A JSON web token could not be decoded","documentation_url":"https://developer.github.com/v3"}',
    code: 401,
    status: 'Unauthorized',
    headers: 
     { server: 'GitHub.com',
       date: 'Fri, 23 Feb 2018 11:01:22 GMT',
       'content-type': 'application/json; charset=utf-8',
       'content-length': '105',
       connection: 'close',
       status: '401 Unauthorized',
       'x-github-media-type': 'github.machine-man-preview; format=json',
       'access-control-expose-headers': 'ETag, Link, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval',
       'access-control-allow-origin': '*',
       'content-security-policy': 'default-src \'none\'',
       'strict-transport-security': 'max-age=31536000; includeSubdomains; preload',
       'x-content-type-options': 'nosniff',
       'x-frame-options': 'deny',
       'x-xss-protection': '1; mode=block',
       'x-runtime-rack': '0.022177',
       'x-github-request-id': 'F3D2:5169:5FB6B9:B642C9:5A8FF481' } } }
  --
  err: {
    "code": 401,
    "status": "Unauthorized",
    "message": "{\"message\":\"A JSON web token could not be decoded\",\"documentation_url\":\"https://developer.github.com/v3\"}"
  }

@anshumanv check that you don't have several private keys in the project directory: #440.

Was this page helpful?
0 / 5 - 0 ratings

Related issues

lukepighetti picture lukepighetti  路  5Comments

ericis picture ericis  路  5Comments

booninite picture booninite  路  3Comments

Jake-Gillberg picture Jake-Gillberg  路  3Comments

hiimbex picture hiimbex  路  4Comments