404s from github API for publish
snarfed opened this issue ยท 4 comments
@tantek got a 404 from the github API just now when trying to publish a ๐ reaction to an issue comment. the target comment definitely exists, firefox-devtools/rfcs#27 (comment) , and we were both able to add that reaction to it manually.
we started to suspect a github API bug, but then i found that API 404s can evidently be caused by:
- bad auth: https://developer.github.com/v3/troubleshooting/#why-am-i-getting-a-404-error-on-a-repository-that-exists
- org settings that block API write access: https://developer.github.com/changes/2015-01-19-an-integrators-guide-to-organization-application-policies/
if it's one of those, we should detect this and return a better error message.
I Params: [('target', u'http://brid.gy/publish/github'), ('source', u'http://tantek.com/2018/143/t3/')]
...
I requests.get https://api.github.com/repos/devtools-html/rfcs/issues/comments/391251478 {'headers': {'Accept': u'...', 'Authorization': u'...'}}
I requests.post https://api.github.com/graphql {'headers': {'Authorization': u'...'}, 'json': {'query': u'\nquery {\n repository(owner: "devtools-html", name: "rfcs") {\n issueOrPullRequest(number: 27) {\n ... on Issue {id title}\n ... on PullRequest {id title}\n }\n }\n}\n'}}
I requests.post https://api.github.com/repos/devtools-html/rfcs/issues/comments/391251478/reactions {'headers': {'Accept': u'...', 'Authorization': u'...'}, 'json': {'content': 'hooray'}}
W Error 404, response body: u'{"message":"Not Found","documentation_url":"https://developer.github.com/v3/reactions/#create-reaction-for-an-issue-comment"}'
I Error: {"message":"Not Found","documentation_url":"https://developer.github.com/v3/reactions/#create-reaction-for-an-issue-comment"} 404 Client Error: None for url: https://api.github.com/repos/devtools-html/rfcs/issues/comments/391251478/reactions
Traceback (most recent call last):
File "/base/data/home/apps/s~brid-gy/8.409738577936094269/publish.py", line 432, in attempt_single_item
obj, include_link=include_link, ignore_formatting=ignore_formatting)
File "/base/data/home/apps/s~brid-gy/8.409738577936094269/local/lib/python2.7/site-packages/granary/github.py", line 440, in create
ignore_formatting=ignore_formatting)
File "/base/data/home/apps/s~brid-gy/8.409738577936094269/local/lib/python2.7/site-packages/granary/github.py", line 593, in _create
'content': REACTIONS_REST.get(orig_content),
...
HTTPError: 404 Client Error: None for url: https://api.github.com/repos/devtools-html/rfcs/issues/comments/391251478/reactions
tantek tried re-authing github on bridgy, but no luck. he also noted that if the org was blocking API writes, https://developer.github.com/changes/2015-01-19-an-integrators-guide-to-organization-application-policies/ says the API call would return 403, not 404.
new clue! looks like it is org permissions after all. @tantek saw similar failures attempting to comment on another org's repo. we got this useful error message back from the create comment graphql API call:
Although you appear to have the correct authorization credentials, the
whatwgorganization has enabled OAuth App access restrictions, meaning that data access to third-parties is limited. For more information on these restrictions, including how to whitelist this app, visit https://help.github.com/articles/restricting-access-to-your-organization-s-data/
so, we should probably catch and surface this, and maybe say something similar on 404s.
(tangentially, interesting that the graphql API gave us a human readable error message, while the REST API gave us an opaque 404...but it was also a comment vs a reaction, so who knows.)
log:
I requests.head https://github.com/whatwg/html/issues/3704 {'headers': {'User-Agent': u'...'}}
I requests.post https://api.github.com/graphql {'headers': {'Authorization': u'...'}, 'json': {'query': u'\nquery {\n repository(owner: "whatwg", name: "html") {\n issueOrPullRequest(number: 3704) {\n ... on Issue {id title}\n ... on PullRequest {id title}\n }\n }\n}\n'}}
I requests.post https://api.github.com/graphql {'headers': {'Authorization': u'...'}, 'json': {'query': u'\nmutation {\n addComment(input: {subjectId: "MDU6SXNzdWUzMjU2NTIwNzA=", body: "Registration (on the microformats wiki) works fine. I just tried it and created a new account. If you are having trouble understanding the microformats wiki, whether with registration or anything, please state the problem as a question and check the FAQ accordingly: <http://microformats.org/wiki/faq>\n\nRecommend closure of issue #3704, works for me, no changes to HTML Standard needed.\n\n(Originally published at: http://tantek.com/2018/143/t6/)"}) {\n commentEdge {\n node {\n id url\n }\n }\n }\n}\n'}}
E {u'errors': [{u'path': [u'addComment'], u'message': u'Although you appear to have the correct authorization credentials,\nthe `whatwg` organization has enabled OAuth App access restrictions, meaning that data\naccess to third-parties is limited. For more information on these restrictions, including\nhow to whitelist this app, visit\nhttps://help.github.com/articles/restricting-access-to-your-organization-s-data/\n', u'type': u'FORBIDDEN', u'locations': [{u'column': 3, u'line': 3}]}], u'data': {u'addComment': None}}
Traceback (most recent call last):
...
File "publish.py", line 665, in post
result = self._run()
File "publish.py", line 251, in _run
result = self.attempt_single_item(item)
File "publish.py", line 432, in attempt_single_item
obj, include_link=include_link, ignore_formatting=ignore_formatting)
File "local/lib/python2.7/site-packages/granary/github.py", line 440, in create
ignore_formatting=ignore_formatting)
File "local/lib/python2.7/site-packages/granary/github.py", line 614, in _create
'body': content,
File "local/lib/python2.7/site-packages/granary/github.py", line 238, in graphql
assert 'errors' not in result, result
AssertionError: {u'errors': [{u'path': [u'addComment'], u'message': u'Although you appear to have the correct authorization credentials,\nthe `whatwg` organization has enabled OAuth App access restrictions, meaning that data\naccess to third-parties is limited. For more information on these restrictions, including\nhow to whitelist this app, visit\nhttps://help.github.com/articles/restricting-access-to-your-organization-s-data/\n', u'type': u'FORBIDDEN', u'locations': [{u'column': 3, u'line': 3}]}], u'data': {u'addComment': None}}
this keeps biting @tantek. IRC discussion. interestingly, https://github.com/kylewm/silo.pub uses the v3 REST API and can happily post these same comments and reactions ok. i'll try switching to v3 to see if that helps.