Proxy settings do not take effect on oauth #13208

New Issue

GiteaMirror · 2025-11-02T10:35:01-06:00

GiteaMirror commented

2025-11-02 10:35:01 -06:00

Originally created by @RonsonNamek on GitHub (Jun 26, 2024).

Description

I use gitea in docker, and set up oauth2 client with google. when i login with google, it shows account confirm page,

but after After continue, the page will stay for a few seconds, then redirect to my gitea page and show 500.

error page:

the gitea log:

2024/06/26 | 08:28:12 ...eb/routing/logger.go:68:func1() [W] router: slow GET /user/oauth2/Google/callback?state=ae3c5578-e834-46af-8213-030808afddcf&code=4%2F0ATx3LY5AXl-AaFvS2-Wd7HZQJG7S9AZj7R9C5_cXxXTf9vz7lEDHYlKpMx1SU30BkJ7sjw&scope=email+profile+openid+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email&authuser=0&prompt=consent for 172.17.0.1:57394, elapsed 3865.0ms @ auth/oauth.go:906(auth.SignInOAuthCallback)
2024/06/26 | 08:11:44 ...rs/web/auth/oauth.go:957:SignInOAuthCallback() [E] UserSignIn: Post "https://oauth2.googleapis.com/token": dial tcp 172.217.160.74:443: i/o timeout

i config proxy in app.ini:

[proxy]
PROXY_ENABLED = true
PROXY_URL     = socks://192.168.25.2:1080
PROXY_HOSTS   = *.gmail.com,*.googleapis.com

[oauth2_client]
REGISTER_EMAIL_CONFIRM = true
ENABLE_AUTO_REGISTRATION = false
USERNAME = nickname
UPDATE_AVATAR = true
ACCOUNT_LINKING = login

when i use commandline in docker containner and try to connect https://oauth2.googleapis.com it also timeout:

curl https://oauth2.googleapis.com

but if i use

curl -x socks://192.168.25.2:1080 https://oauth2.googleapis.com

I will receive a response in less than 1 second.

so it proved my proxy config is ok, but when gitea call https://oauth2.googleapis.com/token, It's not using the proxy I configured

Gitea Version

1.22.0

Can you reproduce the bug on the Gitea demo site?

No

Log Gist

No response

Screenshots

No response

Git Version

2.45.1

Operating System

No response

How are you running Gitea?

docker

Database

PostgreSQL

Originally created by @RonsonNamek on GitHub (Jun 26, 2024). ### Description I use gitea in docker, and set up oauth2 client with google. when i login with google, it shows account confirm page, <img width="803" alt="无标题" src="https://github.com/go-gitea/gitea/assets/5227189/2a502354-ab2d-43cb-b991-a6ceaaf26c77"> but after After continue, the page will stay for a few seconds, then redirect to my gitea page and show 500. error page: ![image](https://github.com/go-gitea/gitea/assets/5227189/09b09a64-dbf9-4d2c-bcb2-ac3ef0399068) the gitea log: ``` text 2024/06/26 | 08:28:12 ...eb/routing/logger.go:68:func1() [W] router: slow GET /user/oauth2/Google/callback?state=ae3c5578-e834-46af-8213-030808afddcf&code=4%2F0ATx3LY5AXl-AaFvS2-Wd7HZQJG7S9AZj7R9C5_cXxXTf9vz7lEDHYlKpMx1SU30BkJ7sjw&scope=email+profile+openid+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email&authuser=0&prompt=consent for 172.17.0.1:57394, elapsed 3865.0ms @ auth/oauth.go:906(auth.SignInOAuthCallback) 2024/06/26 | 08:11:44 ...rs/web/auth/oauth.go:957:SignInOAuthCallback() [E] UserSignIn: Post "https://oauth2.googleapis.com/token": dial tcp 172.217.160.74:443: i/o timeout ``` i config proxy in app.ini: ``` ini [proxy] PROXY_ENABLED = true PROXY_URL = socks://192.168.25.2:1080 PROXY_HOSTS = *.gmail.com,*.googleapis.com [oauth2_client] REGISTER_EMAIL_CONFIRM = true ENABLE_AUTO_REGISTRATION = false USERNAME = nickname UPDATE_AVATAR = true ACCOUNT_LINKING = login ``` when i use commandline in docker containner and try to connect https://oauth2.googleapis.com it also timeout: ``` shell curl https://oauth2.googleapis.com ``` ![image](https://github.com/go-gitea/gitea/assets/5227189/6e5debac-5e05-4f16-992d-aa055cf5bde9) but if i use ``` shell curl -x socks://192.168.25.2:1080 https://oauth2.googleapis.com ``` I will receive a response in less than 1 second. ![image](https://github.com/go-gitea/gitea/assets/5227189/ce2a8b52-ed54-4fbf-98f9-675495db87d0) so it proved my proxy config is ok, but when gitea call https://oauth2.googleapis.com/token, It's not using the proxy I configured ### Gitea Version 1.22.0 ### Can you reproduce the bug on the Gitea demo site? No ### Log Gist _No response_ ### Screenshots _No response_ ### Git Version 2.45.1 ### Operating System _No response_ ### How are you running Gitea? docker ### Database PostgreSQL

GiteaMirror added the issue/workaround issue/not-a-bug labels 2025-11-02 10:35:01 -06:00

GiteaMirror commented

2025-11-02 10:35:02 -06:00

@techknowlogick commented on GitHub (Jul 9, 2024):

Hmm.. we use the goth library for oauth handling, so maybe we should pass our http client to the library so it can leverage our settings/configuration

@techknowlogick commented on GitHub (Jul 9, 2024): Hmm.. we use the goth library for oauth handling, so maybe we should pass our http client to the library so it can leverage our settings/configuration

GiteaMirror commented

2025-11-02 10:35:02 -06:00

@midasgossye commented on GitHub (Oct 4, 2024):

Just putting this here for anyone running into something similar. I had gitea running in a docker container on oracle cloud ubuntu 20.04 instance, and used nginx to serve it with a reverse proxy. I got exactly the same symptoms and log message outputs as the author of the issue. And it turned out the docker container didn't have access to the internet. I solved it by following the instructions here: https://www.dbarj.com.br/en/2020/11/docker-on-oracle-linux-8-with-no-access-to-the-internet-yum-error/

@midasgossye commented on GitHub (Oct 4, 2024): Just putting this here for anyone running into something similar. I had gitea running in a docker container on oracle cloud ubuntu 20.04 instance, and used nginx to serve it with a reverse proxy. I got exactly the same symptoms and log message outputs as the author of the issue. And it turned out the docker container didn't have access to the internet. I solved it by following the instructions here: https://www.dbarj.com.br/en/2020/11/docker-on-oracle-linux-8-with-no-access-to-the-internet-yum-error/

GiteaMirror commented

2025-11-02 10:35:03 -06:00

@RonsonNamek commented on GitHub (Oct 6, 2024):

I solved this by setting the container's environment variables, hopefully this helps someone else with the same problem.
HTTP_PROXY=socks5://192.168.25.2:1080
HTTPS_PROXY=socks5://192.168.25.2:1080
and proxy rules are handled by the proxy server.

@RonsonNamek commented on GitHub (Oct 6, 2024): I solved this by setting the container's environment variables, hopefully this helps someone else with the same problem. `HTTP_PROXY=socks5://192.168.25.2:1080` `HTTPS_PROXY=socks5://192.168.25.2:1080` and proxy rules are handled by the proxy server.

Sign in to join this conversation.

Branches Tags

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/gitea#13208