If you're receiving this error when trying to composer install.
Your GitHub OAuth token for github.com contains invalid characters
The solution is to update Composer to the latest version, which supports the new token format, as suggested by Jordi Boggiano on this tweet. "Composer 1.10.21 and 2.0.12 (both released April 1st) added support for the new GitHub token format."
phar
The following command will install the latest version of Composer on your machine—v2.2.6 as of this writing. Note that future Composer updates will break the script as shown here, as the sha384 hash check won't pass.
php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
php -r "if (hash_file('sha384', 'composer-setup.php') === '906a84df04cea2aa72f40b5f787e49f22d4c2f19492ac310e8cba5b96ac8b64115ac402c8cd292b8a03482574915d1a8') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
php composer-setup.php
php -r "unlink('composer-setup.php');"
You can use Homebrew to install (or reinstall) composer on macOS.
brew install composer
brew reinstall composer
2021.04.20
As I mentioned above, both Lukas Kahwe Smith and Jordi Boggiano discouraged tinkering with Composer's auth.json file manually and recommended upgrading Composer to its latest version instead.
Still, here's the brute-force fix that worked for me. Apparently, editing the auth.json is the only way to update to the latest Composer programmatically, and you can revert it to its original state if you opt for this option. The alternative, of course, is to upgrade as shown above.
Edit the composer authentication configuration file ~/.composer/auth.json.
nano ~/.composer/auth.json
Then replace the following.
"github-oauth": {
"github.com": "ghp_[YOUR-PERSONAL-TOKEN]"
}
With this (basic auth):
"http-basic": {
"github.com": {
"username": "[YOUR-GITHUB-USERNAME]",
"password": "ghp_[YOUR-PERSONAL-TOKEN]"
}
}
To Lukas Kahwe Smith and Jordi Boggiano for pointing this out on Twitter.