vouch-proxy: vouch-proxy with Gitea working on v0.17.4 but stops working on v0.18.0+

Describe the problem Getting 400 Bad Request after successful login to Gitea. Using exactly the same nginx, Gitea and vouch config, all working with vouch v0.17.4 (or earlier) but with vouch v0.18.0 (or later), I get 400 Bad Request. I have tried testing: true and all the redirects worked as expected, though still getting 400 Bad Request. It appears that the change between vouch v0.18.0 and v0.17.4 caused Gitea to respond oauth with

2020-12-23T23:22:32.753Z ERROR /auth Error while retreiving user info after successful login at the OAuth provider: oauth2: cannot fetch token: 400 Bad Request

Response: {"error":"unauthorized_client","error_description":"client is not authorized"}

Expected behavior No 400 Bad Request on vouch v0.18.0 (or later) just like how it was with vouch v0.17.4 (or earlier),

Desktop (please complete the following information):

  • OS: Windows 10
  • Browser: Firefox
  • Version: 84.0.1

About this issue

  • Original URL
  • State: open
  • Created 4 years ago
  • Comments: 21 (8 by maintainers)

Most upvoted comments

@layanto looks like gitea supports OIDC, what happens if you try oauth.provider: oidc (with and without code_challenge).

https://docs.gitea.io/en-us/oauth2-provider/

+1
bnfinet on Jan 28, 2021
Read more comments on GitHub
← vouch-proxy: too many redirects using duckdns.org domains
fiftyone: [BUG] FiftyOne import fails, Ubuntu 22.02 LTS →