search

MbinOrg / mbin

Mbin: a federated content aggregator, voting, discussion and microblogging platform (By the community, for the community)
https://joinmbin.org
GNU Affero General Public License v3.0
238 stars 17 forks source link

GitHub SSO not working #889

Closed BentiGorlich closed 3 months ago

BentiGorlich commented 3 months ago

Describe the bug When trying to login to gehirneimer.de via GitHub I get a 500 Internal server error

On which Mbin instance did you find the bug? [gehirneimer.de]

Which Mbin version was running on the instance? [v1.6.0 ~ 7b97ec2108ad88cc3d8862d21676cfff9ae930cf]

To Reproduce Steps to reproduce the behavior:

  1. Configure GitHub SSO
  2. Try to login

Expected behavior The login should work

Additional context

{
    "message": "Uncaught PHP Exception League\\OAuth2\\Client\\Provider\\Exception\\GithubIdentityProviderException: \"Resource not accessible by integration\" at GithubIdentityProviderException.php line 51",
    "context": {
        "exception": {
            "class": "League\\OAuth2\\Client\\Provider\\Exception\\GithubIdentityProviderException",
            "message": "Resource not accessible by integration",
            "code": 403,
            "file": "/var/www/kbin/vendor/league/oauth2-github/src/Provider/Exception/GithubIdentityProviderException.php:51",
            "trace": [
                "/var/www/kbin/vendor/league/oauth2-github/src/Provider/Exception/GithubIdentityProviderException.php:19",
                "/var/www/kbin/vendor/league/oauth2-github/src/Provider/Github.php:110",
                "/var/www/kbin/vendor/league/oauth2-client/src/Provider/AbstractProvider.php:726",
                "/var/www/kbin/vendor/league/oauth2-github/src/Provider/Github.php:74",
                "/var/www/kbin/vendor/league/oauth2-client/src/Provider/AbstractProvider.php:865",
                "/var/www/kbin/vendor/knpuniversity/oauth2-client-bundle/src/Client/OAuth2Client.php:136",
                "/var/www/kbin/vendor/knpuniversity/oauth2-client-bundle/src/Client/Provider/GithubClient.php:24",
                "/var/www/kbin/src/Security/GithubAuthenticator.php:53",
                "/var/www/kbin/vendor/symfony/security-http/Authenticator/Passport/Badge/UserBadge.php:87",
                "/var/www/kbin/vendor/symfony/security-http/Authenticator/Passport/Passport.php:56",
                "/var/www/kbin/vendor/symfony/security-http/EventListener/UserCheckerListener.php:42",
                "/var/www/kbin/vendor/symfony/event-dispatcher/EventDispatcher.php:246",
                "/var/www/kbin/vendor/symfony/event-dispatcher/EventDispatcher.php:206",
                "/var/www/kbin/vendor/symfony/event-dispatcher/EventDispatcher.php:56",
                "/var/www/kbin/vendor/symfony/security-http/Authentication/AuthenticatorManager.php:180",
                "/var/www/kbin/vendor/symfony/security-http/Authentication/AuthenticatorManager.php:158",
                "/var/www/kbin/vendor/symfony/security-http/Authentication/AuthenticatorManager.php:140",
                "/var/www/kbin/vendor/symfony/security-http/Firewall/AuthenticatorManagerListener.php:40",
                "/var/www/kbin/vendor/symfony/security-bundle/Security/LazyFirewallContext.php:60",
                "/var/www/kbin/vendor/symfony/security-http/Firewall.php:128",
                "/var/www/kbin/vendor/symfony/security-http/Firewall.php:95",
                "/var/www/kbin/vendor/symfony/event-dispatcher/EventDispatcher.php:246",
                "/var/www/kbin/vendor/symfony/event-dispatcher/EventDispatcher.php:206",
                "/var/www/kbin/vendor/symfony/event-dispatcher/EventDispatcher.php:56",
                "/var/www/kbin/vendor/symfony/http-kernel/HttpKernel.php:154",
                "/var/www/kbin/vendor/symfony/http-kernel/HttpKernel.php:76",
                "/var/www/kbin/vendor/symfony/http-kernel/Kernel.php:185",
                "/var/www/kbin/vendor/symfony/runtime/Runner/Symfony/HttpKernelRunner.php:35",
                "/var/www/kbin/vendor/autoload_runtime.php:29",
                "/var/www/kbin/public/index.php:7"
            ]
        }
    },
    "level": 500,
    "level_name": "CRITICAL",
    "channel": "request",
    "datetime": "2024-07-10T10:24:19.222293+00:00",
    "extra": {}
}
ghost commented 3 months ago

hmm... i can't replicate this, seems to work? fresh install and it worked right away...

image

BentiGorlich commented 3 months ago

Did you do anything different when setting up the GitHub app? I documented it the way I did it here: https://docs.joinmbin.org/admin/optional-features/sso#github

ghost commented 3 months ago

so my callback URL is just the domain.tld... why that works i have no idea

image

BentiGorlich commented 3 months ago

Ah I created the wrong kind of GitHub app :D