Github Apps Token #24635

mirfanrafif · 2022-01-25T01:20:52Z

mirfanrafif
Jan 25, 2022

Today, I am working on final assignment for graduation criteria in my university. I am making a system that can check students’ answer (test, parse and send it to REST API backend). And I make a system that can generate repository by it’s template. I am using a Github Apps to interact with Github API.
But I have a problem when creating Github Apps installations access token. Sometimes it goes wrong. It respond me like this :

Client error: POST https://api.github.com/app/installations/INSTALLATIONS_ID/access_tokens resulted in a 401 Unauthorized response:\n{“message”:"‘Expiration time’ claim (‘exp’) is too far in the future",“documentation_url”:“GitHub REST API - GitHub Docs” (truncated…)\n

Its started today. Yesterday and 1-2 month ago, I made this system (I mean block of code) and always working. Is there any new limitation to generate token every 1 minute and no shorter time?

Answered by Katsute

Jan 25, 2022

<a href="https://github.community/t/expiration-time-claim-exp-is-too-far-in-the-future-when-creating-an-access-token/13830/2">"'Expiration time' claim ('exp') is too far in the future" when creating an access token</a> <a class="badge-wrapper  bullet" href="/c/github-ecosystem/37"><span class="badge-category-bg" style="background-color: #28a745;"></span><span style="" data-drop-close="true" class="badge-category clear-badge" title="Discussion and support using GitHub’s REST, and GraphQL APIs, building Applications and OAuth Apps, the GitHub Marketplace, and third party integrations.">GitHub Ecosystem</span></a>

Okay so the documentation isn’t very clear, but maybe this section on au…

View full answer

mirfanrafif · 2022-01-25T01:22:42Z

mirfanrafif
Jan 25, 2022
Author

I send my code here :

 private function createJwtToken()
{
$configuration = Configuration::forSymmetricSigner(

    // You may use any HMAC variations (256, 384, and 512)

    new Signer\Rsa\Sha256(),

    // replace the value below with a key of your own!

    InMemory::plainText(env('GITHUB_APPS_SECRET_KEY', ''))

    // You may also override the JOSE encoder/decoder if needed by providing extra arguments here

);

$now   = new DateTimeImmutable();

$token = $configuration-&gt;builder(new MyClaimsFormatter())

    -&gt;issuedBy(env('GITHUB_APPS_ID', 0))

    -&gt;issuedAt($now)

    -&gt;expiresAt($now-&gt;modify('+10 minute'))

    -&gt;getToken($configuration-&gt;signer(), $configuration-&gt;signingKey());

info($token-&gt;toString());

return $token-&gt;toString();

}
private function getAccessToken(Client $http, $jwtToken)
{
//get access token

return $http-&gt;request('POST', 'app/installations/INSTALLATIONS_ID/access_tokens', [

    'headers' =&gt; [

        'Accept' =&gt; 'application/json',

        'Authorization' =&gt; 'Bearer ' . $jwtToken

    ]

]);

}

Like to see your answers😁

0 replies

Katsute · 2022-01-25T01:49:10Z

Katsute
Jan 25, 2022

<a href="https://github.community/t/expiration-time-claim-exp-is-too-far-in-the-future-when-creating-an-access-token/13830/2">"'Expiration time' claim ('exp') is too far in the future" when creating an access token</a> <a class="badge-wrapper  bullet" href="/c/github-ecosystem/37"><span class="badge-category-bg" style="background-color: #28a745;"></span><span style="" data-drop-close="true" class="badge-category clear-badge" title="Discussion and support using GitHub’s REST, and GraphQL APIs, building Applications and OAuth Apps, the GitHub Marketplace, and third party integrations.">GitHub Ecosystem</span></a>

Okay so the documentation isn’t very clear, but maybe this section on authenticating with JWT is implying that the ‘exp’ can be at most 10 minutes later than the ‘iat’? If this is the case, then I think that
The documentation needs to be more clear that 10 minutes is the maximum time hardcoded into the GitHub server (I’ve been misinterpreting that section to mean “in this example, 10 minutes is the maximum amount of time this token will be available for”)

The GitHub server should be lenie…

0 replies

mirfanrafif · 2022-01-25T06:16:31Z

mirfanrafif
Jan 25, 2022
Author

thanks bro. thats really helpful

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Community

Github Apps Token #24635

{{title}}

Replies: 3 comments

{{title}}

{{title}}

{{title}}

Select a reply

GitHub Community

Github Apps Token #24635

mirfanrafif Jan 25, 2022

Replies: 3 comments

mirfanrafif Jan 25, 2022 Author

Katsute Jan 25, 2022

mirfanrafif Jan 25, 2022 Author

mirfanrafif
Jan 25, 2022

mirfanrafif
Jan 25, 2022
Author

Katsute
Jan 25, 2022

mirfanrafif
Jan 25, 2022
Author