dbgate / dbgate

Database manager for MySQL, PostgreSQL, SQL Server, MongoDB, SQLite and others. Runs under Windows, Linux, Mac or as web application
https://dbgate.org
GNU General Public License v3.0

BUG: OIDC authentication not working anymore #891

Open tedstriker opened 1 week ago

tedstriker commented 1 week ago

Describe the bug

Haven't used DbGate for a while, but updated it to the recent version every now and then. Currently running 5.4.4. Trying to log in using OIDC doesn't work anymore. Maybe something in Authentik (auth provider) has been misconfigured, but nothing I can point my finger at. Any hint is appreciated.

To Reproduce

Steps to reproduce the behavior:

  1. Go to your installed instance of dbgate in the browser
  2. Try to log in using your OIDC provider
  3. See error image

From the log:

Error [ERR_HTTP_HEADERS_SENT]: Cannot set headers after they are sent to the client
    at new NodeError (node:internal/errors:405:5)
    at ServerResponse.setHeader (node:_http_outgoing:648:11)
    at S.set.S.header (/home/dbgate-docker/bundle.js:2:261527)
    at S.send (/home/dbgate-docker/bundle.js:2:257161)
    at h (/home/dbgate-docker/bundle.js:2:1669023)
    at authMiddleware (/home/dbgate-docker/bundle.js:2:1670078)
    at o.handle_request (/home/dbgate-docker/bundle.js:2:268782)
    at /home/dbgate-docker/bundle.js:2:266151
    at /home/dbgate-docker/bundle.js:2:266173
    at m.process_params (/home/dbgate-docker/bundle.js:2:266665)

Expected behavior

I expected to be logged in as the authenticated user.


janproch commented 1 week ago

Do you have the allowed redirect_uri properly configured in Authentik?

tedstriker commented 1 week ago

I haven't changed it after I got it working months ago, so I guess yes, but it seems like something changed. What I've found in the docs (text above the last screenshot) is that it's the same URL as when you open it. No sub path or anything. So it's https://dbgate.mydomain.example/. Was a sub path added to it recently?

pmpetit commented 6 days ago

I have the same problem... fails for >= 5.4.0 image

OK for version 5.3.4

tedstriker commented 5 days ago

Can confirm. Reverted back to 5.3.4 and authentication is working again.

The release notes don't mention any change regarding the auth system, so this seems like an unintentional change.

janproch commented 15 hours ago

You are right, this functionality was broken; it is fixed now. The redirect URL is the same, and it is now also written to the console before redirecting.
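
Added example, not DbGate's code and not part of the thread: the thread does not state what caused the `ERR_HTTP_HEADERS_SENT` trace in `authMiddleware`, so this models the general error class, where an auth middleware writes a response and execution still continues. `FakeResponse`, `buggyAuth`, `safeAuth` and `run` are hypothetical names, and `FakeResponse` is a constructed stand-in for Node's `ServerResponse`.

```javascript
// Added illustration; not DbGate source. FakeResponse keeps only the
// "headers can be set once" rule of Node's ServerResponse.
class FakeResponse {
  constructor() { this.headersSent = false; this.headers = {}; this.statusCode = 200; }
  setHeader(name, value) {
    if (this.headersSent) {
      const err = new Error('Cannot set headers after they are sent to the client');
      err.code = 'ERR_HTTP_HEADERS_SENT';
      throw err;
    }
    this.headers[name.toLowerCase()] = value;
  }
  send(status, headers = {}) {
    for (const [k, v] of Object.entries(headers)) this.setHeader(k, v);
    this.statusCode = status;
    this.headersSent = true;
  }
}

// Hypothetical buggy middleware: rejects the request, then falls through.
function buggyAuth(req, res, next) {
  if (!req.user) res.send(401, { 'content-type': 'application/json' });
  next(); // missing return: the protected handler still executes
}

// Hardened variant: any branch that writes a response ends the request there.
function safeAuth(req, res, next) {
  if (res.headersSent) return;
  if (!req.user) return res.send(401, { 'content-type': 'application/json' });
  next();
}

// Runs one middleware in front of a protected handler and reports the outcome.
function run(auth, req) {
  const res = new FakeResponse();
  const out = { handlerRan: false, error: null, status: null };
  try {
    auth(req, res, () => { out.handlerRan = true; res.send(200, { 'content-type': 'text/html' }); });
  } catch (e) { out.error = e.code; }
  out.status = res.statusCode;
  return out;
}
```

With the buggy variant the client sees the 401, but the protected handler has already run before the second write throws, so the log error can be the only visible sign that handler code executed for an unauthenticated request.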