Docs-generated authTokens return 401 Unauthorized for generating releases #11999

Open
whitep4nth3r opened this issue Nov 29, 2024 · 3 comments

@whitep4nth3r
Contributor

Steps to Reproduce

  1. Generate authToken via docs page (e.g. https://docs.sentry.io/platforms/javascript/guides/nuxt/manual-setup/#source-maps-upload)
  2. Attempt to use generated authToken in CI/CD for e.g. generating sourcemap uploads and releases
  3. Observe Sentry returns a 401 when attempting to use generated authToken for releases (sourcemaps upload is successful)

This might be intentional, because on the docs, the specified use case for the generated authToken is for sourcemaps upload. However, the Nuxt Sentry SDK attempted to automatically create a release during CI/CD build (without any further configuration from me) and this authToken did not have the permissions to send a POST request to https://sentry.io/api/0/projects/the-claw/pantherworld/releases/.

When generating an authToken via the Sentry app for the same organisation and project, this authToken had permissions for both sourcemap uploads AND posting a new release.

Expected Result

authTokens generated on the docs pages have the correct permissions required for releases as well as sourcemap uploads.

Actual Result

11:59:54 AM:   DEBUG   2024-11-29 11:59:54.865075967 +00:00 response status: 401
11:59:54 AM:   DEBUG   2024-11-29 11:59:54.865084898 +00:00 body: {"detail":"Invalid org token"}
11:59:54 AM:   error: API request failed
11:59:54 AM:   Caused by:
11:59:54 AM:   sentry reported an error: Invalid org token (http status: 401)


Additional Info

No response

@getsantry
Contributor

getsantry bot commented Nov 29, 2024

Assigning to @getsentry/support for routing ⏲️

@whitep4nth3r
Contributor Author

whitep4nth3r commented Dec 6, 2024

It looks like what happened is that I double clicked to copy the token, which didn't select the whole token.

I wonder how many other people have experienced this, so I wonder if there is a way to make this more obvious. Maybe we wrap the code in the code block so it's more obvious; it's also better for accessibility.

It's an old blog post but I wrote about it here: https://whitep4nth3r.com/blog/how-to-make-your-code-blocks-accessible-on-your-website/#elements-that-have-scrollable-content-should-be-accessible-by-keyboard

However, I wonder why it let me upload sourcemaps in CI/CD and just failed on a release?

@chargome
Member

Yeah wrapping the code block could make this more clear 👍 Not sure about the internals on how this token gets parsed and why sourcemap upload worked though

Projects
Status: Backlog
Status: Waiting for: Support