B4G - Git token is incorrect
search cancel

B4G - Git token is incorrect

book

Article ID: 267519

calendar_today

Updated On:

Products

Endevor

Issue/Introduction

Using B4G 2.12.6 on Windows 10 with Github and got the following error:

2023-06-01 09:21:57.676  INFO 5260 --- [pool-2-thread-2] c.c.e.i.m.b.j.i.h.OperationScheduler     : Refresh scheduled for branch 
2023-06-01 09:22:03.604 ERROR 5260 --- [pool-2-thread-4] c.c.e.i.m.b.j.i.r.AbstractJobRunner      : Critical error perform the operation.

com.ca.endevor.integration.modules.shared.settings.api.exceptions.InvalidGitTokenException: Git token is incorrect.
        at com.ca.endevor.integration.modules.repository.git.impl.helper.JGitCredentialsHelper.checkNotAuthorized(JGitCredentialsHelper.java:36)

 

What token does this message refer to? 

 

Environment

Releases : 18.1,19.0

B4G 2.12.6

Cause

JWT token is generated based on the following setting in application.yml

app:  
  security     
    auth:
      # Generated token secret key which is 64 bytes long
      token-secret: <token_secret>

The git Apps has user-to-server access token expires in 8 hours setting. With this setting, user needs to provide new token-secret in application.yml to generate new access token and restart B4G after 8 hours.  

Resolution

 

1. For GitHub: Disabling User-to-Server Token Expiration
To configure GitHub User-to-Server tokens to be permanent (i.e., not expire), you need to adjust a setting within your GitHub App.

  1. Navigate to your GitHub App settings.
  2. Locate the "Optional features" menu item.
  3. Find the setting titled "User-to-server token expiration".
  4. Action: Ensure this setting displays the "Opt-in" button. If it currently displays "Opt-out", click it to change the status to "Opt-in".

2. For GitLab: Enabling Refresh Tokens

GitLab uses OAuth2 tokens for login only for GitLab versions 15 and higher. OAuth2 tokens do not expire when Bridge for Git is used with GitLab version 14 and lower.

If you are using GitLab 15+ you need to update your application.yml refresh-tokens section to:

refresh-tokens:
       enabled: true
       at-shutdown: true

3. Post-Configuration: Re-authentication with B4G

After applying the relevant configuration changes for either GitHub or GitLab, users must re-authenticate with B4G by logging into B4G.

Additional Information

Does this "Git token is incorrect" error have any impact on B4G task ?

Most likely there might be some mappings impacted by the expired token since the changes could not be propagated between git and Endevor.

In order to recover from this there are several steps that can be taken:

  1. In case of a mapping is in Initialization failed status - navigate to the specific mapping in "Endevor Inventory" and click on re-run button. This will re initialise the mapping.
  2. If the mapping is in Revert failed  status - navigate to the specific mapping in "Endevor Inventory" and click on "Synchronise now" for each branch that have this error.
  3. For the mappings were user don't see any issues in the BFG ui,  try push a dummy change to those branches in git in order to trigger any revert in case there are changes that were not propagated between Git repository and Endevor.
  4. Last step would be to run global sync back in Settings/Synck-back click on button "Sync back now" but only after user triggered sync/revert for each mapping branch using the dummy commit technique for all mappings. This will take all the changes that were not already propagated from Endevor to git making everything up to date on both sides.

One thing to note, the revert actions will create revert branches in git, therefore after everything is fixed user can merge those missed git changes through pull requests triggering the sync and propagating them to Endevor.

Powered by Wolken Software