Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Wrong OAuth2 Form target when running on modified root URL #8461

Closed
2 of 7 tasks
PeterNerlich opened this issue Oct 11, 2019 · 4 comments · Fixed by #8647
Closed
2 of 7 tasks

Wrong OAuth2 Form target when running on modified root URL #8461

PeterNerlich opened this issue Oct 11, 2019 · 4 comments · Fixed by #8647
Labels
issue/needs-feedback For bugs, we need more details. For features, the feature must be described in more detail

Comments

@PeterNerlich
Copy link

PeterNerlich commented Oct 11, 2019

Description

I have set gitea up in docker behind a reverse proxy (Traefik). We are not given subdomains so we have to work with prefixes like /git/. When trying to integrate drone into our setup, granting authorization to it fails. I think I traced it down to the "grant or cancel" form action url leading to /login/oauth/grant instead of /git/login/oauth/grant. Manipulating the HTML and clicking the button then worked.

Screenshots

Screenshot from 2019-10-11 11-38-17

@lafriks lafriks added type/bug issue/needs-feedback For bugs, we need more details. For features, the feature must be described in more detail and removed type/bug labels Oct 11, 2019
@lafriks
Copy link
Member

lafriks commented Oct 11, 2019

Looking at code I don't see anything wrong, have you set ROOT_URL in app.ini right?

@h3kker
Copy link

h3kker commented Oct 15, 2019

I have the same problem (reported in #8466 which I closed now again). My config is

ROOT_URL = https://example.com/repo/

but the POST also goes to the base (https://example.com/login/oauth/grant)

I also noted this on the configuration page (e.g. https://example.com/repo/user/settings/applications/oauth2/1)

@ghost
Copy link

ghost commented Oct 20, 2019

I'm also experiencing this on Drone. The URL redirect forgets the /git prefix
My config.ini file also shows:

ROOT_URL = https://git.domain.io/git

zeripath added a commit to zeripath/gitea that referenced this issue Oct 23, 2019
Fix go-gitea#8461 - fix misspelling of {{AppSubUrl}} and other misspelling in template
Fixes /explore and organisation redirection
@zeripath
Copy link
Contributor

The problem is here:

<form method="post" action="{{.AppSubUrl}}/login/oauth/grant">

If you change that line to:

<form method="post" action="{{AppSubUrl}}/login/oauth/grant">

The problem should be fixed.

You can either wait for #8647 to be merged, or if you can't use 1.11 you should be able to make a custom version of the user/auth/grant.tmpl with this fix.

zeripath added a commit that referenced this issue Oct 23, 2019
Fix #8461 - fix misspelling of {{AppSubUrl}} and other misspelling in template
Fixes /explore and organisation redirection
zeripath added a commit to zeripath/gitea that referenced this issue Oct 23, 2019
Partial backport without changes to locale files.

Fix go-gitea#8461 - fix misspelling of {{AppSubUrl}} and other misspelling in template
Fixes /explore and organisation redirection
zeripath added a commit to zeripath/gitea that referenced this issue Oct 23, 2019
Partial backport without changes to locale files.

Fix go-gitea#8461 - fix misspelling of {{AppSubUrl}} and other misspelling in template
Fixes /explore and organisation redirection
techknowlogick pushed a commit that referenced this issue Oct 23, 2019
Partial backport without changes to locale files.

Fix #8461 - fix misspelling of {{AppSubUrl}} and other misspelling in template
Fixes /explore and organisation redirection
techknowlogick pushed a commit that referenced this issue Oct 23, 2019
Partial backport without changes to locale files.

Fix #8461 - fix misspelling of {{AppSubUrl}} and other misspelling in template
Fixes /explore and organisation redirection
@go-gitea go-gitea locked and limited conversation to collaborators Nov 24, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
issue/needs-feedback For bugs, we need more details. For features, the feature must be described in more detail
Projects
None yet
Development

Successfully merging a pull request may close this issue.

4 participants