hub
hub copied to clipboard
hub complains "Unauthorized (HTTP 401)" and "Bad credentials"
hub 2.2.2 on OS X complains "Unauthorized (HTTP 401)" and "Bad credentials" when I try to check out a pull request.
I have not used hub
before. My credentials work in curl and on the web site. I have nothing in any OS X keychain matching "github". My usual github access uses an SSH key and no 2FA.
% hub --version
git version 2.6.3 (Apple Git-62)
hub version 2.2.2
% ls ~/.config/hub
ls: /Volumes/precious/gparker/.config/hub: No such file or directory
[note git
is not an alias, so the following is real git and not hub]
% git clone [email protected]:/apple/swift.git
Cloning into 'swift'...
remote: Counting objects: 318893, done.
remote: Compressing objects: 100% (123/123), done.
remote: Total 318893 (delta 42), reused 1 (delta 1), pack-reused 318768
Receiving objects: 100% (318893/318893), 66.27 MiB | 4.56 MiB/s, done.
Resolving deltas: 100% (261489/261489), done.
Checking connectivity... done.
Checking out files: 100% (9920/9920), done.
% cd swift
% env HUB_VERBOSE=1 hub checkout http://github.com/apple/swift/pull/862
github.com username: gparker42
github.com password for gparker42 (never stored):
> GET https://api.github.com/repos/apple/swift/pulls/862
> Authorization: token
< HTTP 401
{"message":"Bad credentials","documentation_url":"https://developer.github.com/v3"}
Error getting pull request: Unauthorized (HTTP 401)
Bad credentials
[note that I don't have anything in ~/.config/hub after this sequence]
% curl -u gparker42 https://api.github.com/repos/apple/swift/pulls/862
Enter host password for user 'gparker42':
{
"url": "https://api.github.com/repos/apple/swift/pulls/862",
"id": 54923914,
"html_url": "https://github.com/apple/swift/pull/862",
[…]
Are you sure you haven't removed anything from the below output:
% env HUB_VERBOSE=1 hub checkout http://github.com/apple/swift/pull/862
github.com username: gparker42
github.com password for gparker42 (never stored):
> GET https://api.github.com/repos/apple/swift/pulls/862
> Authorization: token
< HTTP 401
{"message":"Bad credentials","documentation_url":"https://developer.github.com/v3"}
It seems incomplete. Like it didn't try to obtain an OAuth token at all.
Do you still have this issue?
Still reproduces with hub-2.2.2. I haven't tried building hub from source.
The output shown above is exactly what I see, except for some colorization of the verbose output.
Thanks for updating. This is really weird. According to your HTTP log, it never even tries to exchange your username/password for OAuth token. I've never seen this behavior before. Which version of OS X are you on?
This is OS X 10.11.4 beta (build 15E27e). I might have a 10.11.2 or 10.11.3 machine to try.
I'm seeing the same problem, using Gentoo Linux. "hub create" simply shows 401:
kakra@jupiter ~/src/php-graveyard [git:master] $ HUB_VERBOSE=1 hub create
$ git config alias.create
$ git rev-parse -q --git-dir
> GET https://api.github.com/repos/kakra/php-graveyard
> Authorization: token [REDACTED]
< HTTP 401
{"message":"Bad credentials","documentation_url":"https://developer.github.com/v3"}
> POST https://api.github.com/user/repos
> Authorization: token [REDACTED]
{"owner":{},"name":"php-graveyard","private":false,"pushed_at":"0001-01-01T00:00:00Z","created_at":"0001-01-01T00:00:00Z","updated_at":"0001-01-01T00:00:00Z","permissions":{"Admin":false,"Push":false,"Pull":false}}
< HTTP 401
{"message":"Bad credentials","documentation_url":"https://developer.github.com/v3"}
Error creating repository: Unauthorized (HTTP 401)
Bad credentials
Nevermind: After removing $HOME/.config/hub
it works. It asked my user/pass and stored a new token. I expected it to be found in $HOME/.gitconfig
because there I removed it the first time.
With hub-2.2.3 on OS X 10.11.3 (15D21) it now sometimes works and sometimes fails when there is no ~/.config/hub
file.
Success and failure output below. I manually redacted anything that looked like it might be sensitive, in addition to the output's own redactions. Note that the "successful" output also starts with a bunch of failed requests.
curl
still works every time. hub-2.2.2 still fails every time. hub-2.2.2 works after hub-2.2.3 successfully creates a ~/.config/hub
file.
Success:
% env HUB_VERBOSE=1 hub checkout http://github.com/apple/swift/pull/862
$ git config alias.checkout
$ git config hub.host
github.com username: gparker42
github.com password for gparker42 (never stored):
> POST https://api.github.com/authorizations
> Authorization: Basic [REDACTED]
{"scopes":["repo"],"note":"hub for [email protected]","note_url":"http://hub.github.com/"}
< HTTP 422
{"message":"Validation Failed","errors":[{"resource":"OauthAccess","code":"already_exists","field":"description"}],"documentation_url":"https://developer.github.com/v3/oauth_authorizations/#create-a-new-authorization"}
> POST https://api.github.com/authorizations
> Authorization: Basic [REDACTED]
{"scopes":["repo"],"note":"hub for [email protected] 2","note_url":"http://hub.github.com/"}
< HTTP 422
{"message":"Validation Failed","errors":[{"resource":"OauthAccess","code":"already_exists","field":"description"}],"documentation_url":"https://developer.github.com/v3/oauth_authorizations/#create-a-new-authorization"}
> POST https://api.github.com/authorizations
> Authorization: Basic [REDACTED]
{"scopes":["repo"],"note":"hub for [email protected] 3","note_url":"http://hub.github.com/"}
< HTTP 422
{"message":"Validation Failed","errors":[{"resource":"OauthAccess","code":"already_exists","field":"description"}],"documentation_url":"https://developer.github.com/v3/oauth_authorizations/#create-a-new-authorization"}
> POST https://api.github.com/authorizations
> Authorization: Basic [REDACTED]
{"scopes":["repo"],"note":"hub for [email protected] 4","note_url":"http://hub.github.com/"}
< HTTP 422
{"message":"Validation Failed","errors":[{"resource":"OauthAccess","code":"already_exists","field":"description"}],"documentation_url":"https://developer.github.com/v3/oauth_authorizations/#create-a-new-authorization"}
> POST https://api.github.com/authorizations
> Authorization: Basic [REDACTED]
{"scopes":["repo"],"note":"hub for [email protected] 5","note_url":"http://hub.github.com/"}
< HTTP 422
{"message":"Validation Failed","errors":[{"resource":"OauthAccess","code":"already_exists","field":"description"}],"documentation_url":"https://developer.github.com/v3/oauth_authorizations/#create-a-new-authorization"}
> POST https://api.github.com/authorizations
> Authorization: Basic [REDACTED]
{"scopes":["repo"],"note":"hub for [email protected] 6","note_url":"http://hub.github.com/"}
< HTTP 201
< Location: https://api.github.com/authorizations/28401207
{"id":28401207,"url":"https://api.github.com/authorizations/28401207","app":{"name":"hub for [email protected] 6","url":"http://hub.github.com/","client_id":"00000000000000000000"},"token":"[REDACTED]","hashed_token":"[REDACTED]","token_last_eight":"[REDACTED]","note":"hub for [email protected] 6","note_url":"http://hub.github.com/","created_at":"2016-02-22T15:18:42Z","updated_at":"2016-02-22T15:18:42Z","scopes":["repo"],"fingerprint":null}
> GET https://api.github.com/user
> Authorization: token [REDACTED]
< HTTP 200
{"login":"gparker42", [...]}
> GET https://api.github.com/repos/apple/swift/pulls/862
> Authorization: token [REDACTED]
< HTTP 200
{"url":"https://api.github.com/repos/apple/swift/pulls/862", [...]}
[...]
Failure:
% env HUB_VERBOSE=1 hub checkout http://github.com/apple/swift/pull/862
$ git config alias.checkout
$ git config hub.host
github.com username: gparker42
github.com password for gparker42 (never stored):
> POST https://api.github.com/authorizations
> Authorization: Basic [REDACTED]
{"scopes":["repo"],"note":"hub for [email protected]","note_url":"http://hub.github.com/"}
< HTTP 422
{"message":"Validation Failed","errors":[{"resource":"OauthAccess","code":"already_exists","field":"description"}],"documentation_url":"https://developer.github.com/v3/oauth_authorizations/#create-a-new-authorization"}
> POST https://api.github.com/authorizations
> Authorization: Basic [REDACTED]
{"scopes":["repo"],"note":"hub for [email protected] 2","note_url":"http://hub.github.com/"}
< HTTP 422
{"message":"Validation Failed","errors":[{"resource":"OauthAccess","code":"already_exists","field":"description"}],"documentation_url":"https://developer.github.com/v3/oauth_authorizations/#create-a-new-authorization"}
> POST https://api.github.com/authorizations
> Authorization: Basic [REDACTED]
{"scopes":["repo"],"note":"hub for [email protected] 3","note_url":"http://hub.github.com/"}
< HTTP 422
{"message":"Validation Failed","errors":[{"resource":"OauthAccess","code":"already_exists","field":"description"}],"documentation_url":"https://developer.github.com/v3/oauth_authorizations/#create-a-new-authorization"}
> POST https://api.github.com/authorizations
> Authorization: Basic [REDACTED]
{"scopes":["repo"],"note":"hub for [email protected] 4","note_url":"http://hub.github.com/"}
< HTTP 422
{"message":"Validation Failed","errors":[{"resource":"OauthAccess","code":"already_exists","field":"description"}],"documentation_url":"https://developer.github.com/v3/oauth_authorizations/#create-a-new-authorization"}
> POST https://api.github.com/authorizations
> Authorization: Basic [REDACTED]
{"scopes":["repo"],"note":"hub for [email protected] 5","note_url":"http://hub.github.com/"}
< HTTP 201
< Location: https://api.github.com/authorizations/28401173
{"id":28401173,"url":"https://api.github.com/authorizations/28401173","app":{"name":"hub for [email protected] 5","url":"http://hub.github.com/","client_id":"00000000000000000000"},"token":"[REDACTED]","hashed_token":"[REDACTED]","token_last_eight":"[REDACTED]","note":"hub for [email protected] 5","note_url":"http://hub.github.com/","created_at":"2016-02-22T15:18:00Z","updated_at":"2016-02-22T15:18:00Z","scopes":["repo"],"fingerprint":null}
> GET https://api.github.com/user
> Authorization: token [REDACTED]
< HTTP 401
{"message":"Bad credentials","documentation_url":"https://developer.github.com/v3"}
> GET https://api.github.com/repos/apple/swift/pulls/862
> Authorization: token
< HTTP 401
{"message":"Bad credentials","documentation_url":"https://developer.github.com/v3"}
Error getting pull request: Unauthorized (HTTP 401)
Bad credentials
It works for me after updating the oauth_token
value within ~/.config/hub
@gparker42 Thanks for all that info. Do you still have a persistent issue, or did it go away?
I'm on hub version 2.2.3 and I have the exact same problem:
env HUB_VERBOSE=1 hub browse ⏎
$ git config alias.browse
$ git rev-parse -q --git-dir
$ git remote -v
$ git config hub.host
> GET https://api.github.com/user
> Authorization: token [REDACTED]
< HTTP 401
{"message":"Bad credentials","documentation_url":"https://developer.github.com/v3"}
Error getting current user: Unauthorized (HTTP 401)
Bad credentials
I have no ~/.config/hub
file.
what is the content that needs to go in ~/.config/hub
? if I could hand create that I would hope I could get pass this and actually get hub
working again for me ;)
Tried writeup my own ~/.config/hub
looking something like:
github.com:
- user: maxandersen
oauth_token: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
protocol: https
but still get same errors.
Also tried remove the oauth_token
to hope it would re-auth but nope, still same errors about not being authorized.
I'm seeing the same thing. hub
used to work fine, and stopped at some point. I'm finally getting around to figuring out why. I have no ~/.config/hub
file.
cat ~/.config/hub
cat: /Users/[blah]/.config/hub: No such file or directory
The log from hub
:
env HUB_VERBOSE=1 hub pull-request
$ git config alias.pull-request
$ git rev-parse -q --git-dir
$ git remote -v
$ git config hub.host
> GET https://api.github.com/user
> Authorization: token [REDACTED]
< HTTP 401
{"message":"Bad credentials","documentation_url":"https://developer.github.com/v3"}
Error getting current user: Unauthorized (HTTP 401)
Bad credentials
This suggests to me that a token is being found... somewhere. But I'm not sure where.
I had this same problem. Turns out I had set GITHUB_TOKEN in my .zshrc long ago, to a token that was no longer valid. Removing this fixed the issue.
@cacrawford, brilliant! Your suggestion led me to investigate the files I was sourcing in my ZSH setup. It turns out I had a .zlocal
with my GITHUB_TOKEN
set. Doh!
where can I store the ~/.config/hub file when hub command is invoked through, for example, popen, vai python? since there is no ~directory, is there a global configuration for hub, to store the username and the token?
@erictrade Have you found a solution for this?
where can I store the ~/.config/hub file when hub command is invoked through, for example, popen, vai python?
@erictrade Are you saying that in those cases, HOME
environment variable isn't set? Hub wasn't designed to operate in such a case. Do you feel like it should?
hi @c-geek and @mislav ! I edited weblate sources to workaround my problems, and it's working really good for me. I edited 2 files, to be exactly. It fixed 2 problems I was having. But this code is not really clean, because I hardcoded some strings for not knowing weblate full structure. Also, I needed to create the github repository, creating another method. I think I shoud creat it also on its base class, but I didn't because of our rush here. I can submit a pull request as is, so you can analyse the code, and refactor to get it cleaner. I can comment everything to show exactly why I changed, and why it's working now. Does it help anyway? If so, I'll fork the repository and submit a pull request, explaining everything. =)
Just to be documented, I got the idea of how to fix it on this already closed issue on hub project: https://github.com/github/hub/issues/1164
Well I finally managed to make it work, actually I was misunderstanding hub push
behavior (no hub credential used) compared to hub pull-request
(hub crediential used) along with other things commented on this weblate issue.
Anyway, @erictrade, putting yout solution could help future users crawling the web up to this issue!
@erictrade I'm not sure if I follow what your issue is. Is something a blocker for you? Did you solve it? Would you share your solution with us, maybe in the aforementioned thread if it's on-topic? Do you think many people are affected by this?
I can share the piece of code here, and I can make a PR on weblate open source project, with the entire solution to my problem. About hub and popen, here is the trick:
process = subprocess.Popen(
args,
cwd=cwd,
env=get_clean_env({'GIT_SSH': ssh_file(SSH_WRAPPER),
'HUB_CONFIG': '/home/youruser/.config/hub'}),
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
)
As it was a clean enviroment I was using, it could not find the hub config file. So, adding 'HUB_CONFIG': '/home/youruser/.config/hub' it works. Of course, hard coding this path is not a good solution, but the idea is exactly this. So, I guess the issue is not hub's problem, but the implementation when using it.
Does anyone still have a problem with 401 "Bad Credentials" error messages when using a recent version of hub? Otherwise I'm inclined to close this issue. Thanks everyone for your input!
This fails for me with hub 2.2.8 on OSX 10.11.4 talking to an internal GHE host. When I wrote my own ~/.config/hub using @maxandersen 's comment as a template, and using an oauth token I generated from the Settings page myself, everything works fine.
@dbushong Does your GHE host allow authentication via username & password?
Via the API? I'm not sure. We log into the website via an SSO front-door and do git operations via ssh. That might be the problem. Might want to add something to the docs about how to set up the ~/.config/hub file manually.
Yes that is a very common request with GHE. I'm going to add a command that helps you configure your GHE authentication by prompting you to paste a Personal Access token that you generated yourself. That will help a great deal, I think.
$ hub --version ⏎
git version 2.7.4 (Apple Git-66)
hub version 2.2.8
$ git co https://github.com/almighty/almighty-devdoc/pull/61
Error getting pull request: Unauthorized (HTTP 401)
Bad credentials
$ export GITHUB_TOKEN=<secret>
$ git co https://github.com/almighty/almighty-devdoc/pull/61
Updating ALRubinger
remote: Counting objects: 6, done.
remote: Compressing objects: 100% (6/6), done.
...
so afaik its still not fixed. hub always say i'm unauthorized and does not ask for setting up token/auth of any kind.
@maxandersen In the meantime, until hub implements re-authorization, can you just swap your token in ~/.config/hub
with the one that you pasted as GITHUB_TOKEN
?