GitHub Apps are not allowed access to search


#1

Hi,

I suddenly started getting

GitHub Apps are not allowed access to search

Code:

logger.debug(`GraphQL query: ${query}`);
const body = JSON.stringify({ query });
logger.debug(`GraphQL body: ${body}`);
return fetch("https://api.github.com/graphql", {
        method: "POST",
        body,
        headers: {
            Authorization: `Bearer ${accessToken}`
        }
}).then((res: any) => res.json());

Request:

GraphQL query: {
                          search(query: "type:pr repo:facebook/react in:title is:merged", type: ISSUE, first: 10) {
                              issueCount
                              pageInfo {
                                  endCursor
                                  startCursor
                              }

                          }
                      }

GraphQL body: {"query":"{\n search(query: \"type:pr repo:facebook/react in:title is:merged\", type: ISSUE, first: 10) {\n issueCount\n pageInfo {\n endCursor\n startCursor\n }\n \n }\n }"}

Response

response {
    "data": null,
    "errors": [
      {
        "message": "GitHub Apps are not allowed access to search",
        "type": "FORBIDDEN",
        "path": [
          "search"
        ],
        "locations": [
          {
            "line": 2,
            "column": 25
          }
        ]
      }
    ]
  }

It worked 1-2 days before.

Any ideas?


Using GraphQL API with Apps
#2

Tried to add, but didn’t help

Accept: "application/vnd.github.machine-man-preview+json"

Source: https://developer.github.com/changes/2018-05-21-additional-endpoints-for-github-apps/


#3

Seems like nobody tried to search from an App using GraphQL.


#4

We’re also facing the same issue.


#5

Hey @leonkyr and @sushant-hiray,

Unfortunately, the lack of Search with GitHub Apps + GraphQL is the proper behavior at the moment.

When we announced support for GitHub Apps and GraphQL about one month ago, there were still a handful of areas where GitHub Apps weren’t compatible - search being one of them.

Unfortunately, we made a mistake, and that restriction wasn’t always applied. Once we were made aware of it, we corrected it, which is why the behavior has changed.

We’re currently working on matching GraphQL with what’s available in the REST API, which is that server-to-server requests return public data, and user-to-server requests are not allowed to make requests.

I realize that this is likely not the answer that you wanted, it’s certainly not the one that I wanted to give. I’ll update this thread as soon as I have more information.


#6

Ah… Thanks @nickvanw,

Do you have any dates as a reference?


#7

Hey @leonkyr

Unfortunately, I don’t have an ETA right now :slightly_frowning_face: - I’ll keep this thread up to date as we get more information internally. Sorry again for the trouble!


Sorting issues by reaction count?
#8

I hope that this get fixed soon :pray:. It’s weird that user authenticated via GitHub app can’t search, even though the token used is their own (albeit generated via app integration)