Hi everyone, another user with difficulties hooking up Drone to Gitea via OAuth2. Setup done as per: https://docs.drone.io/server/provider/gitea/
After authorising drone via the consent screen on gitea, I now get a login failure in drone with no error message on the drone failure page.
https://droneci.domain.com:
Gitea logs look like this:
[Macaron] 2020-01-22 15:24:24: Started GET /login/oauth/authorize?client_id=<oauth2 client id>&redirect_uri=https%3A%2F%2Fdroneci.domain.com%2Flogin&response_type=code&state=3c04951aa42655d9 for <browser IP>
[Macaron] 2020-01-22 15:24:24: Completed GET /login/oauth/authorize?client_id=<oauth2 client id>&redirect_uri=https%3A%2F%2Fdroneci.domain.com%2Flogin&response_type=code&state=3c04951aa42655d9 302 Found in 65.788863ms
[Macaron] 2020-01-22 15:24:25: Started GET /login/oauth/access_token for 172.29.0.3
[Macaron] 2020-01-22 15:24:25: Completed GET /login/oauth/access_token 404 Not Found in 3.678051ms
Drone logs:
{"fields.time":"2020-01-22T15:24:24Z","latency":72361,"level":"debug","method":"GET","msg":"","remote":"172.29.0.1:50180","request":"/login","request-id":"1WkvyvdzFQrUkuu1YY01IlOMNpK","time":"2020-01-22T15:24:24Z"}
{"level":"debug","msg":"events: stream opened","request-id":"1Wkvyv6CiFXFtmiRewnkRDMZ9zt","time":"2020-01-22T15:24:24Z"}
{"level":"error","msg":"oauth: cannot exchange code: xycojr2z43z3R9AaCFsM1bTG4JLpeZ6wgpAwL_aaIL4=: : ","time":"2020-01-22T15:24:25Z"}
{"level":"debug","msg":"cannot authenticate user: : ","time":"2020-01-22T15:24:25Z"}
{"fields.time":"2020-01-22T15:24:25Z","latency":12547201,"level":"debug","method":"GET","msg":"","remote":"172.29.0.1:50184","request":"/login?code=xycojr2z43z3R9AaCFsM1bTG4JLpeZ6wgpAwL_aaIL4%3D\u0026state=3c04951aa42655d9","request-id":"1Wkvz2ybv3ayGlzBcOipIkUFKxJ","time":"2020-01-22T15:24:25Z"}
{"fields.time":"2020-01-22T15:24:25Z","latency":22504,"level":"debug","method":"GET","msg":"","remote":"172.29.0.1:50184","request":"/login/error?message=:","request-id":"1WkvyxbhEIFB7BYOaH6280SuxSA","time":"2020-01-22T15:24:25Z"}
{"level":"debug","msg":"api: authentication required","request-id":"1WkvyyIkUXk7DXk0Ul4nPBKZwcG","time":"2020-01-22T15:24:25Z"}
{"level":"debug","msg":"api: guest access","request-id":"1WkvyyIkUXk7DXk0Ul4nPBKZwcG","time":"2020-01-22T15:24:25Z"}
{"fields.time":"2020-01-22T15:24:25Z","latency":80199,"level":"debug","method":"GET","msg":"","remote":"172.29.0.1:50184","request":"/api/user","request-id":"1WkvyyIkUXk7DXk0Ul4nPBKZwcG","time":"2020-01-22T15:24:25Z"}
{"fields.time":"2020-01-22T15:24:25Z","latency":66744,"level":"debug","method":"GET","msg":"","remote":"172.29.0.1:50184","request":"/favicon.png","request-id":"1WkvyxmVmfoIo6YT3W02M8QSuN0","time":"2020-01-22T15:24:25Z"}
{"level":"debug","msg":"events: stream opened","request-id":"1Wkvz337jXGpfpCkNyCv8iPIzMY","time":"2020-01-22T15:24:25Z"}
Drone docker-compose file:
services:
  drone:
    image: drone/drone:1.6.4-linux-amd64
    environment:
      - DRONE_GITEA_CLIENT_ID=<oauth2 id>
      - DRONE_GITEA_CLIENT_SECRET=<oauth2 secret>
      - DRONE_GITEA_SERVER=http://code.domain.com
      - DRONE_RPC_SECRET=<RPC secret>
      - DRONE_SERVER_HOST=droneci.domain.com
      - DRONE_SERVER_PROTO=https
      - DRONE_LOGS_DEBUG=true
      - DRONE_GITEA_DEBUG=true
    volumes:
      - drone_data:/data
    ports:
      - "127.0.0.1:<%= @proxy_port_http %>:80"
    networks:
      droneci_default:
  runner:
    image: drone/drone-runner-docker:1.2.0
    environment:
      - DRONE_RPC_HOST=drone
      - DRONE_RPC_PROTO=http
      - DRONE_RPC_SECRET=<RPC secret>
      - DRONE_RUNNER_CAPACITY=2
      - DRONE_RUNNER_NAME=${HOSTNAME}
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    networks:
      droneci_default:
I have scoured GitHub issues on both the Drone and Gitea sides, and found that this user had similar logs (but no proposed solution): drone not able to auth via oauth2 · Issue #6939 · go-gitea/gitea · GitHub
It’s my understanding that the /login/oauth/access_token endpoint should receive POST requests and that, in this respect, returning 404 on a GET would be correct from Gitea.
Gitea 1.10.2 and drone 1.6.4 both via docker.
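
As an added example (not part of the original post, and not Drone or Gitea code), this Python check reads the two logs shown above, flags token-endpoint requests that arrived as anything other than POST, and pairs them with Drone's "cannot exchange code" errors from the same second. The sample lines are shortened from the post with the authorization code replaced by a placeholder; matching on timestamps assumes both containers log in UTC.

```python
import json
import re

# Gitea (Macaron) access log: "[Macaron] <date> <time>: Started|Completed <METHOD> <path> [<status> ...]"
MACARON = re.compile(
    r"^\[Macaron\] (?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d): (?P<phase>Started|Completed) "
    r"(?P<method>[A-Z]+) (?P<path>\S+)(?: (?P<status>\d{3}) )?"
)
TOKEN_PATH = "/login/oauth/access_token"  # endpoint named in the post

def token_endpoint_mismatches(gitea_lines):
    """Return (timestamp, method, status) for completed token requests that were not POST."""
    hits = []
    for line in gitea_lines:
        m = MACARON.match(line)
        if not m or m["phase"] != "Completed":
            continue
        if m["path"].split("?", 1)[0] == TOKEN_PATH and m["method"] != "POST":
            status = int(m["status"]) if m["status"] else None
            hits.append((m["ts"], m["method"], status))
    return hits

def failed_exchanges(drone_lines):
    """Return the timestamps of Drone's 'cannot exchange code' error records."""
    out = []
    for line in drone_lines:
        try:
            rec = json.loads(line)
        except ValueError:
            continue  # not a JSON log line
        if isinstance(rec, dict) and rec.get("level") == "error" \
                and str(rec.get("msg", "")).startswith("oauth: cannot exchange code"):
            out.append(rec.get("time"))
    return out

def correlate(gitea_lines, drone_lines):
    """Pair each Drone exchange failure with a non-POST token request in the same second."""
    by_ts = {ts.replace(" ", "T") + "Z": (method, status)  # assumes both logs are UTC
             for ts, method, status in token_endpoint_mismatches(gitea_lines)}
    return [(t, *by_ts[t]) for t in failed_exchanges(drone_lines) if t in by_ts]

# Sample lines shortened from the post; "<code>" is a placeholder.
GITEA_SAMPLE = [
    "[Macaron] 2020-01-22 15:24:25: Started GET /login/oauth/access_token for 172.29.0.3",
    "[Macaron] 2020-01-22 15:24:25: Completed GET /login/oauth/access_token 404 Not Found in 3.678051ms",
]
DRONE_SAMPLE = [
    '{"level":"error","msg":"oauth: cannot exchange code: <code>: : ","time":"2020-01-22T15:24:25Z"}',
]
if __name__ == "__main__":
    print(correlate(GITEA_SAMPLE, DRONE_SAMPLE))
```

The check reports only that the method Gitea saw differs from the expected POST; it does not determine where between the two containers the request changed.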