ctftime / ctftime.org

meta repository for ctftime.org issues, feature-requests etc

ctftime oauth2 token endpoint (https://oauth.ctftime.org/token) returns 403 #326

Closed Trolldemorted closed 1 year ago

Trolldemorted commented 1 year ago

We are getting Forbiddens from your token endpoint; did something change on your end? It has definitely worked before, and must have broken in the last few days. Did you migrate to Cloudflare recently? Are we running into Cloudflare limits?

Since ENOWARS is on Saturday we are kind of nervous :|

      Request starting HTTP/1.0 GET http://23.88.111.63:5001/authorized?code=[redacted]&state=[redacted] - -
fail: Microsoft.AspNetCore.Server.Kestrel[13]
      Connection id "0HMS6ITV0UO3U", Request id "0HMS6ITV0UO3U:00000002": An unhandled exception was thrown by the application.
      System.Exception: An error was encountered while handling the remote login.
       ---> System.Exception: OAuth token endpoint failure: Status: Forbidden;Headers: Date: Mon, 17 Jul 2023 07:32:32 GMT
      Transfer-Encoding: chunked
      Connection: close
      Cross-Origin-Embedder-Policy: require-corp
      Cross-Origin-Opener-Policy: same-origin
      Cross-Origin-Resource-Policy: same-origin
      Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
      Referrer-Policy: same-origin
      X-Frame-Options: SAMEORIGIN
      cf-mitigated: challenge
      Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BwO1d1UM8fI1Oyqw4c9o%2FZFX8lXQAmP4cvT8fddEoB0Ih3f9y0tCRUQ9BjaRCOAGLc4hHpeDSj%2FW068wvdE%2BuFcL602H3%2FbxOxnakQiivTgNPSJZMPPzXJVH%2FDWiYtfwRUCwOg%3D%3D"}],"group":"cf-nel","max_age":604800}
      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      Server: cloudflare
      CF-RAY: 7e80caa84e0c2bd1-FRA
      ;Body: <!DOCTYPE html>
      <html lang="en-US">
      <head>
          <title>Just a moment...</title>
          <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
          <meta http-equiv="X-UA-Compatible" content="IE=Edge">
          <meta name="robots" content="noindex,nofollow">
          <meta name="viewport" content="width=device-width,initial-scale=1">
          <link href="/cdn-cgi/styles/challenges.css" rel="stylesheet">
      </head>
      <body class="no-js">
          <div class="main-wrapper" role="main">
          <div class="main-content">
              <noscript>
                  <div id="challenge-error-title">
                      <div class="h2">
                          <span class="icon-wrapper">
                              <div class="heading-icon warning-icon"></div>
                          </span>
                          <span id="challenge-error-text">
                              Enable JavaScript and cookies to continue
                          </span>
                      </div>
                  </div>
              </noscript>
              <form id="challenge-form" action="/token?__cf_chl_f_tk=7i41aovYTzSdPTfgD96i4BX0YytlBQtKoQ5.RKKLVNE-1689579152-0-gaNycGzNCxA" method="POST" enctype="application/x-www-form-urlencoded">
              </form>
          </div>
      </div>
      <script>
          (function(){
              window._cf_chl_opt={
                  cvId: '2',
                  cZone: 'oauth.ctftime.org',
                  cType: 'managed',
                  cNounce: '4449',
                  cRay: '7e80caa84e0c2bd1',
                  cHash: '55cfb34bf6746f4',
                  cUPMDTk: "\/token?__cf_chl_tk=7i41aovYTzSdPTfgD96i4BX0YytlBQtKoQ5.RKKLVNE-1689579152-0-gaNycGzNCxA",
                  cFPWv: 'b',
                  cTTimeMs: '1000',
                  cMTimeMs: '0',
                  cTplV: 5,
                  cTplB: 'cf',
                  cK: "",
                  cRq: {
                      ru: 'aHR0cHM6Ly9vYXV0aC5jdGZ0aW1lLm9yZy90b2tlbg==',
                      ra: 'TWljcm9zb2Z0IEFTUC5ORVQgQ29yZSBPQXV0aCBoYW5kbGVy',
                      rm: 'UE9TVA==',
                      d: 'nq58QJmD88qtRXCWHl14fDS09hXsRh7zY89bPOGBUrtapbfrpi1ywRDaKKgksbwCBxY4WlGFRFQKtUv8PffIii+4JTt6zTV9Ak1ABS9NDJ5u8WxkiMu2uWUwAADnNDOYrA2BuvJO9ir1ASC81iYOjhFbPjX3VrhOZ48meTU0joOOTTtRufgG0IoVuVKivoPlx54MC0JyyvHHA0dLxuMhraF/kAkMIDoGl1ItmKeR4n3AeVuFLCag3AbiSQakKQBltsh7Pig+rfp5ntgLoY2Z3FjsU/wb1toN+hWAdbLmEVM5VIgbnsmA39bcDb0OBN16xF4y5VBAvodbc20l+iwg8wvfjlNt6KQPO29aFk6QLP7z/Qqn+IDLFjbh2AhN70yuktySEIn4abB+cPtdxTPh7+d8BtJqAiP8zp3oyZRw88VLmoWmT/gcjy7YmmnKsXjw/eZ109/5gQ3M+yGMgeQGAsOMRseEX1n49jmNka4nrOY=',
                      t: 'MTY4OTU3OTE1Mi42ODcwMDA=',
                      cT: Math.floor(Date.now() / 1000),
                      m: '9El6N1PFA0gIRXwOndGfXDuZJ0fXxEss6YD2s20hDrk=',
                      i1: '6SeRwPQCWXXAJsCTrykiuw==',
                      i2: 'WHS9qksGeMjgpOv8pystmg==',
                      zh: 'eLJmsLpYmM8dz761t02zlyh2xMvENOpegsPf8z8VSww=',
                      uh: 'YVpZEpbMu8oogA/UZmyrqYqS5bYQgzLHw5OYm5KHdDM=',
                      hh: 'kkD7PDR4Ba+dckXpfjVfYmlvJHMokvAPd3+WCAb2dhI=',
                  }
              };
              var cpo = document.createElement('script');
              cpo.src = '/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7e80caa84e0c2bd1';
              window._cf_chl_opt.cOgUHash = location.hash === '' && location.href.indexOf('#') !== -1 ? '#' : location.hash;
              window._cf_chl_opt.cOgUQuery = location.search === '' && location.href.slice(0, location.href.length - window._cf_chl_opt.cOgUHash.length).indexOf('?') !== -1 ? '?' : location.search;
              if (window.history && window.history.replaceState) {
                  var ogU = location.pathname + window._cf_chl_opt.cOgUQuery + window._cf_chl_opt.cOgUHash;
                  history.replaceState(null, null, "\/token?__cf_chl_rt_tk=7i41aovYTzSdPTfgD96i4BX0YytlBQtKoQ5.RKKLVNE-1689579152-0-gaNycGzNCxA" + window._cf_chl_opt.cOgUHash);
                  cpo.onload = function() {
                      history.replaceState(null, null, ogU);
                  };
              }
              document.getElementsByTagName('head')[0].appendChild(cpo);
          }());
      </script>
      </body>
      </html>
      ;
         --- End of inner exception stack trace ---
         at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler`1.HandleRequestAsync()
         at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
         at Microsoft.AspNetCore.ResponseCompression.ResponseCompressionMiddleware.InvokeCore(HttpContext context)
         at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.HttpProtocol.ProcessRequests[TContext](IHttpApplication`1 application)

kyprizel commented 1 year ago

That's Cloudflare blocks. Can you send me your IPs to whitelist?

Trolldemorted commented 1 year ago

Of course, we are 23.88.111.63 and will keep that IP until the contest is over.

Thanks for the quick help!

Trolldemorted commented 1 year ago

Worked like a charm, see you next time :)
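
Added example, not part of the thread or of either project's code: a Python triage helper that parses the `OAuth token endpoint failure` text shown in the report and tells a Cloudflare challenge (the `cf-mitigated: challenge` header) apart from an error returned by the OAuth server itself. The sample messages, function names and category labels are constructed for illustration.

```python
import json
import re

# Constructed samples: the first abbreviates the exception text in the report
# above; the second is a made-up RFC 6749 error for contrast.
CHALLENGE = (
    "OAuth token endpoint failure: Status: Forbidden;Headers: "
    "Date: Mon, 17 Jul 2023 07:32:32 GMT\n"
    "      cf-mitigated: challenge\n"
    "      Server: cloudflare\n"
    "      ;Body: <!DOCTYPE html>\n"
    "      <html><head><title>Just a moment...</title></head></html>\n"
    "      ;"
)
OAUTH_ERROR = (
    "OAuth token endpoint failure: Status: BadRequest;Headers: "
    "Content-Type: application/json\n"
    '      ;Body: {"error": "invalid_grant"};'
)

FAILURE_RE = re.compile(
    r"OAuth token endpoint failure: Status: (?P<status>\w+);Headers: "
    r"(?P<headers>.*?);Body: (?P<body>.*);\s*$",
    re.DOTALL,
)


def parse_failure(message):
    """Split the failure text into (status, lower-cased header dict, body)."""
    m = FAILURE_RE.search(message)
    if m is None:
        raise ValueError("not an OAuth token endpoint failure message")
    headers = {}
    for line in m.group("headers").splitlines():
        name, sep, value = line.strip().partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return m.group("status"), headers, m.group("body").strip()


def classify(message):
    """Say who answered: the edge ('edge_challenge') or the OAuth server."""
    _status, headers, body = parse_failure(message)
    if headers.get("cf-mitigated") == "challenge":
        return "edge_challenge"  # Cloudflare issued a challenge page
    try:
        doc = json.loads(body)
    except ValueError:
        return "unknown"
    return "oauth_error" if isinstance(doc, dict) and "error" in doc else "unknown"
```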