Skip to content

Commit

Permalink
improve the error message if the token is invalid
Browse files Browse the repository at this point in the history
  • Loading branch information
shogo82148 committed Oct 7, 2021
1 parent b47f995 commit 331fe37
Showing 1 changed file with 17 additions and 10 deletions.
27 changes: 17 additions & 10 deletions provider/github-app-token/github-app-token.go
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,9 @@ import (
"github.com/shogo82148/actions-github-app-token/provider/github-app-token/github"
)

// the sentinel error that the token is not GITHUB_TOKEN
var errNotGitHubToken = errors.New("githubapptoken: the token is not GITHUB_TOKEN")

type githubClient interface {
GetApp(ctx context.Context) (*github.GetAppResponse, error)
CreateStatus(ctx context.Context, token, owner, repo, ref string, status *github.CreateStatusRequest) (*github.CreateStatusResponse, error)
Expand Down Expand Up @@ -155,21 +158,27 @@ func (h *Handler) handle(ctx context.Context, token string, req *requestBody) (*
}

// authorize the request
var err error
var owner, repo string
if id, err := h.github.ParseIDToken(ctx, token); err == nil {
owner, repo, err = splitOwnerRepo(id.Repository)
err = h.validateGitHubToken(ctx, token, req)
if err == nil {
owner, repo, err = splitOwnerRepo(req.Repository)
if err != nil {
return nil, err
}
} else {
err := h.validateGitHubToken(ctx, token, req)
} else if errors.Is(err, errNotGitHubToken) {
id, err := h.github.ParseIDToken(ctx, token)
if err != nil {
return nil, err
return nil, &validationError{
message: fmt.Sprintf("invalid JSON Web Token: %s", err.Error()),
}
}
owner, repo, err = splitOwnerRepo(req.Repository)
owner, repo, err = splitOwnerRepo(id.Repository)
if err != nil {
return nil, err
}
} else {
return nil, err
}

// issue a new access token
Expand Down Expand Up @@ -293,10 +302,8 @@ func (h *Handler) validateGitHubToken(ctx context.Context, token string, req *re
message: "GITHUB_TOKEN looks like GitHub App refresh token. `github-token` must be `${{ github.token }}` or `${{ secrets.GITHUB_TOKEN }}`.",
}
default:
// Old Format Personal Access Tokens
return &validationError{
message: "GITHUB_TOKEN looks like Personal Access Token. `github-token` must be `${{ github.token }}` or `${{ secrets.GITHUB_TOKEN }}`.",
}
// it doesn't look a GitHub token.
return errNotGitHubToken
}
resp, err := h.updateCommitStatus(ctx, token, req, &github.CreateStatusRequest{
State: github.CommitStateSuccess,
Expand Down

0 comments on commit 331fe37

Please sign in to comment.