We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
I'm trying to use OAuth2 provider using PKCE. The client I'm using is generating a code_challenge to use PKCE instead of the client secret.
"https://server:6443/login/oauth/authorize?response_type=code&state=FZTFQLkJnDLfuUKNWwfBCA&code_challenge=U6s7WQpA0soQBrhWSf3_FqQuDCw7aZ4TNd53lfX8-Is&code_challenge_method=S256&client_id=26b39a6d-fb09-417b-aa59-9d9866290983&scope=package&redirect_uri=https%3A%2F%2F127.0.0.1%3A5014%2Fauthentication%2Flogin-callback"
the problem is that gitea returns the following response: "https://127.0.0.1:5014/authentication/login-callback?code=gta_63q4l4vexpx2e5zmajgv7znj2wc5bsk2nc3fswjb76j3gsvwehxq&state=FZTFQLkJnDLfuUKNWwfBCA"
containing the following error: ValueKind = Object : "{"error":"unauthorized_client","error_description":"invalid client secret"}"
if I configure the client secret it works.
Is it possible that there is a problem into gitea PKCE management?
1.19.3
No
No response
Ubuntu 22.04.2 LTS
I'm running GITEA as stack on docker swarm node. image: gitea/gitea:1.19.3 image: postgres:11-alpine
PostgreSQL
The text was updated successfully, but these errors were encountered:
it looks like is this related to #25033?
Sorry, something went wrong.
tried gitea 1.20.0-rc-1 successfully
No branches or pull requests
Description
I'm trying to use OAuth2 provider using PKCE.
The client I'm using is generating a code_challenge to use PKCE instead of the client secret.
"https://server:6443/login/oauth/authorize?response_type=code&state=FZTFQLkJnDLfuUKNWwfBCA&code_challenge=U6s7WQpA0soQBrhWSf3_FqQuDCw7aZ4TNd53lfX8-Is&code_challenge_method=S256&client_id=26b39a6d-fb09-417b-aa59-9d9866290983&scope=package&redirect_uri=https%3A%2F%2F127.0.0.1%3A5014%2Fauthentication%2Flogin-callback"
the problem is that gitea returns the following response:
"https://127.0.0.1:5014/authentication/login-callback?code=gta_63q4l4vexpx2e5zmajgv7znj2wc5bsk2nc3fswjb76j3gsvwehxq&state=FZTFQLkJnDLfuUKNWwfBCA"
containing the following error:
ValueKind = Object : "{"error":"unauthorized_client","error_description":"invalid client secret"}"
if I configure the client secret it works.
Is it possible that there is a problem into gitea PKCE management?
Gitea Version
1.19.3
Can you reproduce the bug on the Gitea demo site?
No
Log Gist
No response
Screenshots
No response
Git Version
No response
Operating System
Ubuntu 22.04.2 LTS
How are you running Gitea?
I'm running GITEA as stack on docker swarm node.
image: gitea/gitea:1.19.3
image: postgres:11-alpine
Database
PostgreSQL
The text was updated successfully, but these errors were encountered: