Gitea OAuth2 based SSO implementation not working #26945

Closed
Shakthijuego opened this issue Sep 6, 2023 · 4 comments

@Shakthijuego

Description

We are using Gitea as SSO for an internal Jenkins installation. However, in the recent version of Gitea, Jenkins successfully redirects to the git login screen. However, when the user enters their credentials it won't redirect back to Jenkins. It stays on the same page. Interestingly, if the user is already logged in to Gitea, SSO works perfectly, i.e. when the user clicks login on the Jenkins screen they are taken to the Gitea login and redirected back to Jenkins with a successful logon.

Gitea Version

gitea-1.20.3

Can you reproduce the bug on the Gitea demo site?

No

Log Gist

No response

Git Version

No response

Operating System

No response

How are you running Gitea?

Behind an SSL-enabled nginx proxy. Possibly the issue started after SSL was enabled.

Database

SQLite

@Shakthijuego
Author

One more update. The issue seems to be solved if we urlencode the redirect_uri. I am not sure if this is a bug on the Gitea side or the Jenkins side. Please advise. Jenkins doesn't seem to have an option to configure the redirect URL.

@wxiaoguang
Contributor

I think it will be fixed by

-> Use strict protocol check when redirect #29642

@lunny
Member

lunny commented Mar 7, 2024

Closed by #29642

@lunny lunny closed this as completed Mar 7, 2024
@lunny lunny added this to the 1.21.8 milestone Mar 7, 2024
@wxiaoguang
Contributor

wxiaoguang commented Mar 7, 2024

> One more update. The issue seems to be solved if we urlencode the redirect_uri. I am not sure if this is a bug on the Gitea side or the Jenkins side. Please advise. Jenkins doesn't seem to have an option to configure the redirect URL.

Actually, Jenkins should encode the URL parameter correctly (every URL parameter should be escaped correctly), but Gitea could still tolerate the incorrect URL parameters ... so #29642 could fix the problem. The fix will be backported to 1.21; when the 1.21 nightly build is ready, you could give it a try.


Update:

The 1.21 nightly (pre-1.21.8) is ready; it is a stable release and will become 1.21.8 soon. Please give it a try; if the problem is still not resolved, please help to provide more details. Thank you!

Get 1.21 nightly:

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Mar 18, 2024
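
The point made in the thread that every URL parameter must be escaped, as an added Go example that is not code from Gitea, Jenkins or #29642: it shows what a server parses out of an authorization request when `redirect_uri` is sent raw versus percent-encoded. The endpoint host, callback URL (with its own query string), client id and state are constructed values, and the example illustrates the general parsing effect rather than the specific code path changed by the fix.

```go
package main

import (
	"fmt"
	"net/url"
	"sort"
)

// Constructed sample values (assumptions, not taken from the issue).
const (
	sampleEndpoint = "https://gitea.example.com/login/oauth/authorize"
	sampleCallback = "https://jenkins.example.com/callback?from=/job/demo&tab=builds"
)

// buildAuthorizeURL percent-encodes every parameter, redirect_uri included.
func buildAuthorizeURL(endpoint, clientID, redirectURI, state string) string {
	q := url.Values{}
	q.Set("response_type", "code")
	q.Set("client_id", clientID)
	q.Set("redirect_uri", redirectURI)
	q.Set("state", state)
	return endpoint + "?" + q.Encode()
}

// receivedRedirectURI parses a request as a server would and returns the
// redirect_uri it sees, plus parameter names the client never meant to send.
func receivedRedirectURI(rawRequest string) (string, []string, error) {
	u, err := url.Parse(rawRequest)
	if err != nil {
		return "", nil, err
	}
	known := map[string]bool{"response_type": true, "client_id": true, "redirect_uri": true, "state": true}
	var stray []string
	q := u.Query()
	for name := range q {
		if !known[name] {
			stray = append(stray, name)
		}
	}
	sort.Strings(stray)
	return q.Get("redirect_uri"), stray, nil
}

func main() {
	raw := sampleEndpoint + "?response_type=code&client_id=abc&redirect_uri=" + sampleCallback + "&state=xyz"
	for _, req := range []string{raw, buildAuthorizeURL(sampleEndpoint, "abc", sampleCallback, "xyz")} {
		got, stray, err := receivedRedirectURI(req)
		fmt.Printf("redirect_uri=%q stray=%v intact=%t err=%v\n", got, stray, got == sampleCallback, err)
	}
}
```

With the raw form the server sees a truncated `redirect_uri` and a stray `tab` parameter, so an exact-match comparison against the registered callback fails; the encoded form round-trips unchanged.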