I'm using GithubAuthProvider with the added scope repo to get the user's access token which is later used to access the GitHub GraphQL API (the GitHub App has the permissions for Contents and Metadata set to Read-only).
The problem is when I'm trying to list private repos. The API returns an empty array as if I don't have the required permissions. Moreover, when I try to list branches of a user's repo it returns an error of type FORBIDDEN.
Query:
query {
viewer {
repository(name: "some-repo") {
refs(refPrefix: "refs/heads/", first: 10) {
nodes {
name
}
}
}
}
}
Response:
{
"data": {
"viewer": {
"repository": {
"refs": null
}
}
},
"errors": [
{
"type": "FORBIDDEN",
"path": [
"viewer",
"repository",
"refs"
],
"extensions": {
"saml_failure": false
},
"locations": [
{
"line": 7,
"column": 7
}
],
"message": "Resource not accessible by integration"
}
]
}
What am I missing?
It turns out I read through the Firebase instructions too fast and created a Github App instead of an OAuth App.
It's now working as it should.