英文:
Error message 'Resource not accessible by personal access token' when trying to perform mutation in Github GraphQL API
问题
I'm here to assist with the translation:
我正在尝试构建一个简单的Android应用程序,用于列出随机存储库并能够为某些存储库添加星标。每次我尝试使用Altair进行项目添加星标的突变时,都会收到上述错误消息,但是当我从Github GraphQL Explorer执行相同的突变时,该突变会被执行并且星标会添加到存储库。为什么?
我正在使用细粒度的个人访问令牌来进行工作。
突变:
mutation AddStarMutation($id: ID!) {
addStar(input: {
starrableId: $id
}) {
starrable {
id
stargazerCount
viewerHasStarred
}
}
}
错误消息:
{
"data": {
"addStar": null
},
"errors": [
{
"type": "FORBIDDEN",
"path": [
"addStar"
],
"extensions": {
"saml_failure": false
},
"locations": [
{
"line": 2,
"column": 3
}
],
"message": "Resource not accessible by personal access token"
}
]
}
我可以执行query而没有任何问题。我漏掉了什么吗?
- 如果可以给公共存储库添加星标,我该如何做?
- 如果在公共存储库中不允许使用个人访问令牌进行突变,为什么文档中提供了
addStar的信息?
我尝试了文档中的教程来进行查询和突变方法的身份验证。https://docs.github.com/en/graphql/overview/about-the-graphql-api
英文:
I'm trying to build a simple Android app to list random repositories and be able to add a star to certain repos. Every time when I try to do a mutation to add a star to a project using Altair I get the said error message, but when I perform the same mutation from Github GraphQL Explorer the mutation is executed and the star is given to the repository. Why?
I'm using a fine-grained personal access token to do the work.
Mutation:
mutation AddStarMutation($id: ID!) {
addStar(input: {
starrableId: $id
}) {
starrable {
id
stargazerCount
viewerHasStarred
}
}
}
Error message:
{
"data": {
"addStar": null
},
"errors": [
{
"type": "FORBIDDEN",
"path": [
"addStar"
],
"extensions": {
"saml_failure": false
},
"locations": [
{
"line": 2,
"column": 3
}
],
"message": "Resource not accessible by personal access token"
}
]
}
This are the configuration for permissions used for the token
I'm able to perform query without any issues. What am I missing?
- If is possible to give stars to public repos, how do I do it?
- If is not possible using the Personal Access Token for mutations in public repos why
addStaravailable in the docs?
I tried the documentation tutorial authentication, for query and mutation methods. https://docs.github.com/en/graphql/overview/about-the-graphql-api
答案1
得分: 1
以下是要翻译的内容:
原来我所缺少的是,要代表用户执行突变操作,你必须使用OAuth2应用程序身份验证方法提供登录。这样,你会提示应用程序代表用户使用的权限。在文档中查看详细信息:https://docs.github.com/en/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps
附注:在发布问题之前,我已经查看了这些文档,但没有理解OAuth2应用程序的目的。
英文:
Turned out what I was missing is to perform mutations on behalf a user you have to provide a login using the OAuth2 app authentication method. This way you prompt the permissions your app is using on behalf of the user. Check here in the docs: https://docs.github.com/en/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps
Ps: I had checked this docs before posting the question but did not get the purpose of OAuth2 apps.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论