Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

401 Unauthorized errors every hour

See original GitHub issue

Bug Report

https://github.com/tommilligan/prowl-github-app/

Current Behavior I have a probot app running full time on AWS. The app

  • listens for events
  • performs some long-running (~2 min) checks
  • responds to the GitHub API

Occasionally, I get 401 Unauthorized errors back from the API when performing actions:

HttpError: {"message":"Bad credentials","documentation_url":"https://developer.github.com/v3"}
    at response.text.then.message (/usr/src/app/node_modules/@octokit/rest/lib/request/request.js:78:19)
    at <anonymous>
    at process._tickDomainCallback (internal/process/next_tick.js:228:7)

These errors always happen at the same point in the hour - e.g. for a single instance, at 10:05, 11:05, 14:05 and 21:05.

I suspect this is because in the ~2 min check time, the OAuth token attached to the event context expires. This then results in unauthorized requests when calling context.github. New events are received with valid tokens, which do not error.

Expected behavior/code Not to get Unauthorized errors sproradically

Environment

  • Probot version(s): 7.0.0
  • Node/npm version: node 8.9.4/npm 5.6.0
  • OS: Ubuntu 18.04.1 LTS

Possible Solution

Requests to either:

  • pass first time by always using the latest token
  • on Unauthorized, refresh access token and retry

Additional context/Screenshots

                                    |
+-----------------------------------+------------------------+
|                                                            |
| GitHub API                                                 |
|                                                            |
+-+-----+--------^--------------+---+---+---------^----------+
  |     |        |              |   |   |         |
  v     |event   |action        |       v         |
token   |        |(Authorized)  |   | token       |
  +   +-v------------+          |                 |
  +--->   context    |          |   |             |
  |   +--------------+          |                 |action
  |                             |   |             |(Unauthorized)
  |                            +v---+------------------+
  +---------------------------->  context              |
                               +----+------------------+
                                    |

                                    |
                        probot access_token expires
                                    |

                                    |

Issue Analytics

  • State:closed
  • Created 5 years ago
  • Comments:11 (9 by maintainers)

github_iconTop GitHub Comments

1reaction
tommilligancommented, Nov 18, 2020

Thanks for the update! I don’t see any issue with removing the environment variable.

I no longer maintain the app I built (although I hear it’s still kicking at my old workplace). Happy to see probot is still actively developed 🙂

0reactions
gr2mcommented, Nov 18, 2020

@tommilligan the custom INSTALLATION_TOKEN_TTL setting should no longer be required with the Probot v10. Installation access tokens are renewed on demand at the time of the request via https://github.com/octokit/auth-app.js/, they are no longer set statically at the time when an event is handled.

Let me know if you see a problem with removing the environment variable

<div> GitHub</div><div>octokit/auth-app.js</div><div>GitHub App authentication for JavaScript. Contribute to octokit/auth-app.js development by creating an account on GitHub.</div>
Read more comments on GitHub >

github_iconTop Results From Across the Web

401 Error: 5 Ways to Troubleshoot and Fix It - Hostinger
The 401 Unauthorized error indicates that the server's request was not verified because it lacks valid authentication credentials for the target ...
Read more >
How to Quickly Fix the 401 Unauthorized Error (5 Methods)
The 401 (Unauthorized) status code indicates that the request has not been applied because it lacks valid authentication credentials for the ...
Read more >
What is 401 Unauthorized Error? How to Fix it (4 Easy Fixes)
The 401 unauthorized error is quite common and mostly a result of a user's inability to patiently type in their login credentials. Still,...
Read more >
Troubleshooting - 401 Unauthorized error - Workato Docs
The 401 Unauthorized error indicates that your connection credentials are invalid. This can occur if the connection credentials were updated since you last ......
Read more >
'401 Unauthorized HTTP' for REST API token that expires in ...
For the Fuel/REST API, access tokens expire one hour after they are issued, when you use a legacy package. If you attempt to...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

[bug] Probot throws error trying to squash and merge, when you can do it on Github UI

Next page

Don't receive any events from Webhook