Skip to content

500 Server Error after adding openid connect provider #23283

@cchartmann

Description

@cchartmann

Description

Instead of an informative error message i get an 500 Server Error.

Log:
.../providers_openid.go:42:CreateGothProvider() [W] [640291c5] Failed to create OpenID Connect Provider with name 'xxx' with url 'openid.xxx': Get "openid.xxx": unsupported protocol scheme ""

I think it would be possible to give this info in the Webinterface

The next 500 Server Error happens if the discovery URL returns HTML content.

Gitea Version

1.18.5

Can you reproduce the bug on the Gitea demo site?

No

Log Gist

No response

Screenshots

No response

Git Version

No response

Operating System

No response

How are you running Gitea?

i use an release from Github on Uberspace
see this Guide for more info:
https://lab.uberspace.de/guide_gitea/

Database

MySQL

Activity

wxiaoguang

wxiaoguang commented on Mar 4, 2023

@wxiaoguang
Contributor

Could yuo check your URL in config? Maybe it should be "https://openid.xxx" but not "openid.xxx"

cchartmann

cchartmann commented on Mar 4, 2023

@cchartmann
Author

yes that is true. and i solved my problem but i would propose to make a more useful message than an 500 Server Error.

cchartmann

cchartmann commented on Mar 4, 2023

@cchartmann
Author

i think Gitea answers a lot of things with a 500 Server Error instead of an useful error message in cases in which it is possible to make an message, that describes the Problem, gives some useful information and could allow the user to change the input.

wxiaoguang

wxiaoguang commented on Mar 4, 2023

@wxiaoguang
Contributor

Agree to improve. There are a lot of 500 errors in Gitea, which is very unfriendly to end users.

It just needs time and manpower to clean them one by one .....

added a commit that references this issue on Mar 9, 2023
aa1bae9
ELISHELL

ELISHELL commented on Mar 10, 2023

@ELISHELL

i have a same problem.

I set up an openid provider with keycloack. return {"error":"invalid_grant","error_description":"Code not valid"}

gitea logs:

2023/03/10 12:32:03 ...rs/web/auth/oauth.go:914:SignInOAuthCallback() [E] [640ab2c3] UserSignIn: oauth2: cannot fetch token: 400 Bad Request

Response: {"error":"invalid_grant","error_description":"Code not valid"}

2023/03/10 12:32:03 [640ab2c3] router: completed GET /user/oauth2/sso/callback?state=c5cf88da-769b-417b-a451-901244628e34&session_state=74ca5811-632b-4de3-a59a-0be4b8370212&code=c1af9b2c-657b-4569-9b1f-49e7c6e2d5c0.74ca5811-632b-4de3-a59a-0be4b8370212.f9fe9635-f7bd-408a-900a-0711fd0c5d2f for ...:0, 500 Internal Server Error in 451.5ms @ auth/oauth.go:877(auth.SignInOAuthCallback)

keycloak logs:

12:32:03,582 WARN [org.keycloak.events] (default task-21) type=CODE_TO_TOKEN_ERROR, realmId=xhkj, clientId=gitea_fanle_work, userId=3d4b845d-f6f3-4559-8b64-9f9094ce9712, ipAddress=..., error=not_allowed, grant_type=authorization_code, code_id=74ca5811-632b-4de3-a59a-0be4b8370212, client_auth_method=client-secret

12:32:03,585 WARN [org.keycloak.protocol.oidc.utils.OAuth2CodeParser] (default task-21) Code 'c1af9b2c-657b-4569-9b1f-49e7c6e2d5c0' already used for userSession '74ca5811-632b-4de3-a59a-0be4b8370212' and client 'f9fe9635-f7bd-408a-900a-0711fd0c5d2f'.

12:32:03,586 WARN [org.keycloak.events] (default task-21) type=CODE_TO_TOKEN_ERROR, realmId=xhkj, clientId=gitea_fanle_work, userId=null, ipAddress=..., error=invalid_code, grant_type=authorization_code, code_id=74ca5811-632b-4de3-a59a-0be4b8370212, client_auth_method=client-secret

added a commit that references this issue on Mar 10, 2023
dad057b
added a commit that references this issue on Mar 10, 2023
7fa8337
added a commit that references this issue on Mar 10, 2023
edb618c
locked and limited conversation to collaborators on May 3, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

No one assigned

    Labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

      Participants

      @wxiaoguang@ELISHELL@cchartmann

      Issue actions

        500 Server Error after adding openid connect provider · Issue #23283 · go-gitea/gitea