github-starred/pangolin
2
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2026-05-06 20:59:07 -05:00
Code Issues 564 Packages Projects Releases 72 Wiki Activity

[GH-ISSUE #2188] OICD broken #2092

New Issue
Closed
opened 2026-04-16 09:05:01 -05:00 by GiteaMirror · 2 comments
GiteaMirror commented 2026-04-16 09:05:01 -05:00
Owner
Copy Link

Originally created by @Hawolex on GitHub (Dec 30, 2025).
Original GitHub issue: https://github.com/fosrl/pangolin/issues/2188

Describe the Bug

The OICD with PocketID have worked before.
My ID work now with Nextcloud, Grafana, Proxmox, Gitea and Mail-Archiver. sp safe to say the PocketID session still works.

pangolin | Making OIDC URL generation request to: http://localhost:3000/api/v1/auth/idp/1/oidc/generate-url pangolin | Making OIDC callback validation request to: http://localhost:3000/api/v1/auth/idp/1/oidc/validate-callback pangolin | 2025-12-30T21:48:57+00:00 [error]: Unexpected token type: Number, value: NaN pangolin | Stack: ParserError: Unexpected token type: Number, value: NaN pangolin | at Parser.parse (/app/node_modules/jmespath/jmespath.js:513:27) pangolin | at Object.search (/app/node_modules/jmespath/jmespath.js:1664:25) pangolin | at validateOidcCallback (file:///app/dist/server.mjs:31211:34) pangolin | at process.processTicksAndRejections (node:internal/process/task_queues:103:5) {"name":"ParserError"}

This is the error i get in the logs

Image

This worked before and if the user was not assigned an org they just got an empty profile.
The settings are set to provision the user.

The Callback have propagatet back to the OICD
https://TLD/auth/idp/2/oidc/callback

https://TLD/api/oidc/token
https://TLDauthorize

Have removed the OICD setup on both ends. Restared the stacks on both ends and configured the setup again, same result.

Any idea on where to look next or is this a breake in the last updates.
Tried roll back as far as i can bore i can`t start the stack. Did not solve it.

To take the whole Pangolin stack down for a reinstall in not an option atm.

Environment

Ubuntu 24.05 LTS
Docker `Client: Docker Engine - Community
Version: 29.1.3
API version: 1.52
Go version: go1.25.5
Git commit: f52814d
Built: Fri Dec 12 14:49:32 2025
OS/Arch: linux/amd64
Context: default

Server: Docker Engine - Community
Engine:
Version: 29.1.3
API version: 1.52 (minimum version 1.44)
Go version: go1.25.5
Git commit: fbf3ed2
Built: Fri Dec 12 14:49:32 2025
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: v2.2.1
GitCommit: dea7da592f5d1d2b7755e3a161be07f43fad8f75`

pangolin:1.14.1
gerbil:latest
traefik:latest

Newt v1.8.1

To Reproduce

Don`t know if anyone will get the same result with Pocket or any other OAuth2/OIDC setup

Expected Behavior

Expected the new user to be created and sign in.

Originally created by @Hawolex on GitHub (Dec 30, 2025). Original GitHub issue: https://github.com/fosrl/pangolin/issues/2188 ### Describe the Bug The OICD with PocketID have worked before. My ID work now with Nextcloud, Grafana, Proxmox, Gitea and Mail-Archiver. sp safe to say the PocketID session still works. `pangolin | Making OIDC URL generation request to: http://localhost:3000/api/v1/auth/idp/1/oidc/generate-url pangolin | Making OIDC callback validation request to: http://localhost:3000/api/v1/auth/idp/1/oidc/validate-callback pangolin | 2025-12-30T21:48:57+00:00 [error]: Unexpected token type: Number, value: NaN pangolin | Stack: ParserError: Unexpected token type: Number, value: NaN pangolin | at Parser.parse (/app/node_modules/jmespath/jmespath.js:513:27) pangolin | at Object.search (/app/node_modules/jmespath/jmespath.js:1664:25) pangolin | at validateOidcCallback (file:///app/dist/server.mjs:31211:34) pangolin | at process.processTicksAndRejections (node:internal/process/task_queues:103:5) {"name":"ParserError"}` This is the error i get in the logs <img width="445" height="233" alt="Image" src="https://github.com/user-attachments/assets/ec2ff12c-cbe8-491a-b70f-e444f0320528" /> This worked before and if the user was not assigned an org they just got an empty profile. The settings are set to provision the user. The Callback have propagatet back to the OICD https://**TLD**/auth/idp/2/oidc/callback https://**TLD**/api/oidc/token https://**TLD**authorize Have removed the OICD setup on both ends. Restared the stacks on both ends and configured the setup again, same result. Any idea on where to look next or is this a breake in the last updates. Tried roll back as far as i can bore i can`t start the stack. Did not solve it. To take the whole Pangolin stack down for a reinstall in not an option atm. ### Environment Ubuntu 24.05 LTS Docker `Client: Docker Engine - Community Version: 29.1.3 API version: 1.52 Go version: go1.25.5 Git commit: f52814d Built: Fri Dec 12 14:49:32 2025 OS/Arch: linux/amd64 Context: default Server: Docker Engine - Community Engine: Version: 29.1.3 API version: 1.52 (minimum version 1.44) Go version: go1.25.5 Git commit: fbf3ed2 Built: Fri Dec 12 14:49:32 2025 OS/Arch: linux/amd64 Experimental: false containerd: Version: v2.2.1 GitCommit: dea7da592f5d1d2b7755e3a161be07f43fad8f75` pangolin:1.14.1 gerbil:latest traefik:latest Newt v1.8.1 ### To Reproduce Don`t know if anyone will get the same result with Pocket or any other OAuth2/OIDC setup ### Expected Behavior Expected the new user to be created and sign in.
GiteaMirror commented 2026-04-16 09:05:02 -05:00
Author
Owner
Copy Link

@dem0ngo commented on GitHub (Jan 2, 2026):

I was having the exact same issue as you when I tried using the incorrect organization ID for auto-provisioning! I was very tired and put the site ID for some reason which led to this error you have. Once I finally realized I could just leave the "Default Organization Mapping' empty since I only have one org that I want all users added to, it worked correctly. Mine looks like this currently:

Image
<!-- gh-comment-id:3705824008 --> @dem0ngo commented on GitHub (Jan 2, 2026): I was having the _exact_ same issue as you when I tried using the incorrect organization ID for auto-provisioning! I was very tired and put the site ID for some reason which led to this error you have. Once I finally realized I could just leave the "Default Organization Mapping' empty since I only have one org that I want all users added to, it worked correctly. Mine looks like this currently: <img width="1594" height="323" alt="Image" src="https://github.com/user-attachments/assets/6088ca1a-5a06-4c37-ab87-d966e07cc26a" />
GiteaMirror commented 2026-04-16 09:05:03 -05:00
Author
Owner
Copy Link

@Hawolex commented on GitHub (Jan 2, 2026):

Thanks @dem0ngo
You helped me solved the issue when i got your syntax, and had group insted of groups.

Image
<!-- gh-comment-id:3705917051 --> @Hawolex commented on GitHub (Jan 2, 2026): Thanks @dem0ngo You helped me solved the issue when i got your syntax, and had group insted of groups. <img width="765" height="215" alt="Image" src="https://github.com/user-attachments/assets/b8ec3f07-0411-4112-90f6-b2780d2a5ec2" />
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
api
authentication
bug
config
dependencies
docker
documentation
enhancement
good first issue
help wanted
Improvement
Look Into
needs investigating
networking
new feature
non-critical bug
potential bug
pull-request
Mirrored from GitHub Pull Request
 question
reverse proxy
Security
stale
ui
wontfix
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/pangolin#2092
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?