Random 401 API results


#1

Howdy Team,

We, at Codecov, are seeing infrequent and seemingly random 401/404 api statuses when using the new Integrations. The failed api requests appear to be the first api request upon creating an integration access token and subsequent api requests return 200 statuses.

Is this a known issue?
If proof or more data is need I can produce.

Thank you,
Steve


#2

Hi @stevepeak, hmmm, that’s not a known issue. Just to check the simplest fix first, is it possible that the token’s expires_at time is past on the failing requests?


#3

It’s certainly not the expiration because this chain of events occurs:

  1. Create access token
  2. API /repos/owner/repo/contents/codecov.yml results in 401 Bad Credentials
  • In this case the file does exist
  1. API /repos/owner/repo/commits/:sha results in 200

Both (2) and (3) use the same token.


I did a quick query on our logs and it shows that a 401 was returned upon first api request hundreds of times.
I’ve been able to replicate this issue in local development.

python test_gh_integration.py <install_id> <slug> /contents/codecov.yml
201 {u'token': u'v1.f8176...4c65', u'on_behalf_of': None, u'expires_at': u'2016-10-03T22:46:24Z'}
<Response [401]>

python test_gh_integration.py <install_id> <slug> /contents/codecov.yml
201 {u'token': u'v1.dc6256...84136b', u'on_behalf_of': None, u'expires_at': u'2016-10-03T22:55:04Z'}
<Response [200]>

Details I can get this to replicate pretty frequently. About 1/5 of the api requests return 401.


Thoughts about migrating from OAuth applications to Integrations
#4

Thanks for that @stevepeak. Would you be able to send us curl v output, or the full HTTP request and response from your logs, for both failing and successful requests? That will help us investigate further.


#5

I was unable to reproduce this in the 5 minutes of testing I did, just a moment ago.

However, I do have numerous logs from our server showing the 401 error.
They contain somewhat sensitive information that I would prefer to email you. Can you follow up with me at steve@codecov.io

The script I’m using to test is https://gist.github.com/stevepeak/2d6274bfc4c8570e7a0b49611cef1888


#6

Here is a perfect example of a commit in Codecov that had successful API request then failed 401 requests.

Each status check event performs the same sequence of transactions. Nothing is different between each check.


#7

We’re observing the very same behavior for our Greenkeeper Integration.


#8

Yes, this is on-going issue for us still… :frowning:


#9

Keeping it fresh! :sunny:

This is still an issue impacting our lovely customers using Codecov. Any news from GitHub?

Thank you!


#10

Hey @stevepeak and @boennemann. This is a confirmed issue on our side. Sorry it’s causing you trouble.

We’re looking into a solution, and we’ll update here once we have a fix out.


#11

Thank you @jmilas :thumbsup:


#12

Hi - we are also noticing this behavior. Are there any workarounds or updates for the fix?


#13

Another +1 here, we often see Octokit::Unauthorized errors when hitting the commits API right after getting an access token — followup requests seem to work.


#14

Hi! Apologies for the delay. We just shipped a tweak to this area, which should resolve the error you experienced with the initial requests. Let us know how you get on. Thanks!


#15

We have not seen this error since you shipped the fix—thanks! Will keep an eye on it, but it seems to be resolved from my view.


#16

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.