github-starred/gitea
2
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2026-03-12 10:39:38 -05:00
Code Issues 2.6k Packages Projects Releases 100 Wiki Activity

When Gitea acts as OAuth2 provider login fails #12231

New Issue
Closed
opened 2025-11-02 10:02:45 -06:00 by GiteaMirror · 3 comments
GiteaMirror commented 2025-11-02 10:02:45 -06:00
Owner
Copy Link

Originally created by @quartje on GitHub (Dec 19, 2023).

Description

I have configured an "Authorized OAuth2 Application"
My application redirects me to the OAuth2 authorize URL: /login/oauth/authorize?
This will then redirect me to the login page at /user/login
After I enter my credentails I am redirected back to the authorize URL.
The authorize URL will then redirect me back to the login page.

If I am already logged in to the Gitea web interface, and I do have a valid session it works as expected: The first authorize request redirects me back to my application with the code needed for the code flow.

I can reproduce this issue on the Gitea demo site

Gitea Version

1.21.2

Can you reproduce the bug on the Gitea demo site?

Yes

Log Gist

https://gist.github.com/quartje/ea9b6575e17a74f34a9189d0cab81aeb

Screenshots

No response

Git Version

No response

Operating System

Kubernetes

How are you running Gitea?

I use the Helm charts to run gitea in Kubernetes

Database

MySQL/MariaDB

Originally created by @quartje on GitHub (Dec 19, 2023). ### Description I have configured an "Authorized OAuth2 Application" My application redirects me to the OAuth2 authorize URL: /login/oauth/authorize? This will then redirect me to the login page at /user/login After I enter my credentails I am redirected back to the authorize URL. The authorize URL will then redirect me back to the login page. If I am already logged in to the Gitea web interface, and I do have a valid session it works as expected: The first authorize request redirects me back to my application with the code needed for the code flow. I can reproduce this issue on the Gitea demo site ### Gitea Version 1.21.2 ### Can you reproduce the bug on the Gitea demo site? Yes ### Log Gist https://gist.github.com/quartje/ea9b6575e17a74f34a9189d0cab81aeb ### Screenshots _No response_ ### Git Version _No response_ ### Operating System Kubernetes ### How are you running Gitea? I use the Helm charts to run gitea in Kubernetes ### Database MySQL/MariaDB
GiteaMirror added the type/bug label 2025-11-02 10:02:45 -06:00
GiteaMirror commented 2025-11-02 10:02:46 -06:00
Author
Owner
Copy Link

@miqsoft commented on GitHub (Jan 17, 2024):

I had the same issue.
For me the solution was to make sure that the redirect_uri within the query parameters is url safe.

@miqsoft commented on GitHub (Jan 17, 2024): I had the same issue. For me the solution was to make sure that the redirect_uri within the query parameters is url safe.
GiteaMirror commented 2025-11-02 10:02:47 -06:00
Author
Owner
Copy Link

@Zettat123 commented on GitHub (Feb 8, 2024):

I cannot reproduce this bug. Are there any errors on the client side?

@Zettat123 commented on GitHub (Feb 8, 2024): I cannot reproduce this bug. Are there any errors on the client side?
GiteaMirror commented 2025-11-02 10:02:47 -06:00
Author
Owner
Copy Link

@wxiaoguang commented on GitHub (Mar 7, 2024):

I think this problem has been fixed by:

-> Use strict protocol check when redirect #29642

The 1.21 nightly (pre-1.21.8) is ready, it is a stable release and will become 1.21.8 soon. Please take a try, if the problem is still not resolved, please help to provide more details. Thank you!

Get 1.21 nightly:

I think this issue could be closed. If there is any new problem, feel free to report 🙏

And sorry for the inconvenience caused by the bug.

@wxiaoguang commented on GitHub (Mar 7, 2024): I think this problem has been fixed by: -> Use strict protocol check when redirect #29642 ---- The 1.21 nightly (pre-1.21.8) is ready, it is a stable release and will become 1.21.8 soon. Please take a try, if the problem is still not resolved, please help to provide more details. Thank you! Get 1.21 nightly: * Docker: https://hub.docker.com/r/gitea/gitea/tags?page=1&name=nightly * Binary: https://dl.gitea.com/gitea/1.21/ ---- I think this issue could be closed. If there is any new problem, feel free to report 🙏 And sorry for the inconvenience caused by the bug.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
$20
$250
$50
$500
backport/done
💎 Bounty
docs-update-needed
good first issue
hacktoberfest
issue/bounty
issue/confirmed
issue/critical
issue/duplicate
issue/needs-feedback
issue/not-a-bug
issue/regression
issue/stale
issue/workaround
lgtm/need 2
modifies/api
modifies/translation
outdated/backport/v1.18
outdated/theme/markdown
outdated/theme/timetracker
performance/bigrepo
performance/cpu
performance/memory
performance/speed
pr/breaking
proposal/accepted
proposal/rejected
pr/wip
pull-request
Mirrored from GitHub Pull Request
 reviewed/wontfix
💰 Rewarded
skip-changelog
status/blocked
topic/accessibility
topic/api
topic/authentication
topic/build
topic/code-linting
topic/commit-signing
topic/content-rendering
topic/deployment
topic/distribution
topic/federation
topic/gitea-actions
topic/issues
topic/lfs
topic/mobile
topic/moderation
topic/packages
topic/pr
topic/projects
topic/repo
topic/repo-migration
topic/security
topic/theme
topic/ui
topic/ui-interaction
topic/ux
topic/webhooks
topic/wiki
type/bug
type/deprecation
type/docs
type/enhancement
type/feature
type/miscellaneous
type/proposal
type/question
type/refactoring
type/summary
type/testing
type/upstream
No Label type/bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/gitea#12231
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?