Tags: github, github-actions, github-api

How can I verify which github repo a github token from a github action is coming from?


I have an API that is being called from a long running github action. There is a github token, GITHUB_TOKEN, which can be sent with requests to my API, but I can't find a way to verify which repo the token came from. Environment variable GITHUB_REPOSITORY is set in the action and I can ferry that along into my API, but I can't be certain that a bad actor isn't using a different github action and simply injecting their own GITHUB_REPOSITORY and sending it along to my API.

I tried to call https://api.github.com/user like:

curl --header 'authorization: Bearer ${{ secrets.GITHUB_TOKEN }}' \
      https://api.github.com/user

but it responds:

{
  "message": "Resource not accessible by integration",
  "documentation_url": "https://docs.github.com/rest/reference/users#get-the-authenticated-user"
}

I can only do certain github api calls with a token for the wrong repo, but many of these actions work for public github repos.


Given a GITHUB_TOKEN, how can I validate which repo the action token is from in both public and private repo actions? I'd prefer to do this in a read-only fashion. If I have to, I'll do it with some silly write to the repo which only github-actions for that repo may do, hopefully followed by an immediate erasure of my write.


Solution

  • This is not official and maybe it will change, but if you hit the collaborators endpoint it appears to fail if you try any repo other than the repo for which the GITHUB_TOKEN was issued:

    curl -vv --header 'authorization: Bearer ${{ secrets.GITHUB_TOKEN }}' \
          https://api.github.com/repos/django/django/collaborators?per_page=1
    

    Responds:

    HTTP/2 403 
    [...]
    {
      "message": "Resource not accessible by integration",
      "documentation_url": "https://docs.github.com/rest/reference/repos#list-repository-collaborators"
    }
    

    github support suggests using https://api.github.com/installation/repositories which should only return the github repository the token was issued from.
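The following is an added example of how the receiving API could apply the answer above, written here for illustration and not taken from the question, the answer, or GitHub's own code. It calls the `/installation/repositories` endpoint the answer mentions with the bearer token the workflow sent, and accepts the request only if the repository the caller claims (the forwarded GITHUB_REPOSITORY value) is among the repositories GitHub says the token is scoped to. The same status-code logic covers the answer's first observation: a token used against a repository it was not issued for comes back as a 403 rather than a 200. The `fetch` parameter is an assumption of this example so the check can be exercised offline against constructed responses (`FAKE_RESPONSES`); the token strings and repository names in it are made up. Whether `/installation/repositories` works with a workflow's GITHUB_TOKEN is as reported by the answer, not something verified here.

```python
import json
import urllib.error
import urllib.request
from typing import Callable, Dict, Tuple

GITHUB_API = "https://api.github.com"

# The response shape returned by GET /installation/repositories is
# {"total_count": N, "repositories": [{"full_name": "owner/repo", ...}, ...]}.
FetchResult = Tuple[int, dict]
Fetcher = Callable[[str], FetchResult]


def fetch_installation_repositories(token: str) -> FetchResult:
    """Ask GitHub which repositories this bearer token is scoped to.

    Returns (http_status, parsed_json_body). A non-200 status means GitHub
    did not accept the token for this endpoint and the claim must be rejected.
    """
    req = urllib.request.Request(
        f"{GITHUB_API}/installation/repositories?per_page=100",
        headers={
            "Authorization": f"Bearer {token}",
            "Accept": "application/vnd.github+json",
            "User-Agent": "repo-claim-verifier",  # GitHub rejects requests without a UA
        },
    )
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status, json.loads(resp.read().decode("utf-8"))
    except urllib.error.HTTPError as err:
        # 401/403 bodies are JSON like {"message": "Resource not accessible by integration"}
        raw = err.read().decode("utf-8", errors="replace")
        try:
            parsed = json.loads(raw)
        except ValueError:
            parsed = {"message": raw}
        return err.code, parsed


def verify_repo_claim(token: str, claimed_repo: str,
                      fetch: Fetcher = fetch_installation_repositories) -> Tuple[bool, str]:
    """Decide whether `claimed_repo` (the forwarded GITHUB_REPOSITORY value)
    is consistent with the repositories GitHub reports for `token`.

    Returns (accepted, detail). Never trust the claim on its own: an attacker
    running their own workflow can forward any GITHUB_REPOSITORY string, but
    their GITHUB_TOKEN is issued for *their* repository, so the lists will not match.
    """
    if not token or not claimed_repo:
        return False, "missing token or repository claim"

    status, body = fetch(token)
    if status != 200:
        return False, f"GitHub rejected the token (HTTP {status}): {body.get('message', '')}"

    # Compare case-insensitively; GitHub treats owner/repo names as case-insensitive.
    scoped = [r.get("full_name", "").lower() for r in body.get("repositories", [])]
    if not scoped:
        return False, "token is not scoped to any repository"

    claimed = claimed_repo.lower()
    if claimed not in scoped:
        return False, f"claimed {claimed_repo} but token is scoped to {', '.join(scoped)}"
    return True, claimed


# Constructed responses for offline demonstration only (not real GitHub data).
FAKE_RESPONSES: Dict[str, FetchResult] = {
    "ghs_goodtoken": (200, {"total_count": 1,
                            "repositories": [{"full_name": "myorg/myrepo"}]}),
    "ghs_attackertoken": (200, {"total_count": 1,
                                "repositories": [{"full_name": "attacker/evil"}]}),
    "ghs_badtoken": (403, {"message": "Resource not accessible by integration"}),
}


def fake_fetch(token: str) -> FetchResult:
    """Stand-in for fetch_installation_repositories using FAKE_RESPONSES."""
    return FAKE_RESPONSES.get(token, (401, {"message": "Bad credentials"}))


if __name__ == "__main__":
    for tok, claim in [("ghs_goodtoken", "myorg/myrepo"),
                       ("ghs_attackertoken", "myorg/myrepo"),
                       ("ghs_badtoken", "myorg/myrepo")]:
        print(tok, claim, "->", verify_repo_claim(tok, claim, fetch=fake_fetch))
```

In the API handler, pass the bearer token from the incoming `Authorization` header and the forwarded GITHUB_REPOSITORY value to `verify_repo_claim` with the default fetcher; the call is read-only, which matches the preference stated in the question. The check treats any non-200 answer from GitHub, including the 403 seen in the answer, as a failed verification rather than trying to interpret it further.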