Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Authentication fails if two-factor auth is required on hub 2 (go) #680

Closed
weakish opened this issue Nov 4, 2014 · 7 comments
Closed

Authentication fails if two-factor auth is required on hub 2 (go) #680

weakish opened this issue Nov 4, 2014 · 7 comments

Comments

@weakish
Copy link

weakish commented Nov 4, 2014

How to reproduce

  • Auth hub with GitHub.
  • Turn on GitHub two-factor auth.
  • Then hub fails.
; hub fork
Error creating fork: Unauthorized (HTTP 401)

Workaround

Manually adding a token to ~/.config/hub works.

For more information, see this commen at #435
@owenthereal
Copy link
Contributor

@weakish Do you have access to the repository that you want to fork?

@owenthereal
Copy link
Contributor

@weakish Erk, I didn't read the issue carefully. It could be due to an authentication issue since you mentioned manually adding a token works. Could you try removing ~/.config.hub and run HUB_VERBOSE=true hub fork again. It should print out all the request/response. Feel free and trim out sensitive information and paste the output here. Thanks.

@mislav
Copy link
Owner

mislav commented Nov 5, 2014

I think this might be a case of turning on 2-factor auth makes old tokens obsolete. It might be a security feature.

We don't have a good system in place for reporting to you that your token might be invalid. You would just get a 401 back. Maybe we should suggest in the error message that you try to re-authenticate, but we don't have a dedicated hub subcommand to do auth yet. I think we should.

The problem is, a 401 could also mean that you tried to do something in a repo that you don't have access to. So it's not always a sign of invalid token.

@owenthereal
Copy link
Contributor

I think this might be a case of turning on 2-factor auth makes old tokens obsolete. It might be a security feature.

Ah...it makes sense now...

The problem is, a 401 could also mean that you tried to do something in a repo that you don't have access to. So it's not always a sign of invalid token.

Hmm...this is indeed a bumper. It'd be nice if the endpoint returns error messages explaining the reason of 401, be that invalid token or no access to repo.

@owenthereal
Copy link
Contributor

We actually don't show the cause of 401. The endpoint may already return the reason of the 401.

@weakish
Copy link
Author

weakish commented Nov 6, 2014

@jingweno mv ~/.config/hub ~/.config/hub.bak then HUB_VERBOSE=true hub fork works.

It asks for username, password and OTP, then forking succeed.

@mislav "turning on 2-factor auth makes old tokens obsolete" <-- Github or hub obsolete the token? I 've other script using manually added token, and it works fine after I turn on 2FA.

@owenthereal
Copy link
Contributor

"turning on 2-factor auth makes old tokens obsolete" <-- Github or hub obsolete the token?

I think @mislav meant GitHub obsoletes the token.

Closing. Feel free to reopen if there's still issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@mislav @weakish @owenthereal