search

decaporg / decap-cms

A Git-based CMS for Static Site Generators
https://decapcms.org
MIT License
17.66k stars 3.02k forks source link

"The redirect URI included is not valid" on GitLab #7100

Closed peterstory closed 4 months ago

peterstory commented 4 months ago

Describe the bug I'm trying to configure Decap for GitLab-hosted GitLab Pages. However, when I try to authenticate I get the error: "The redirect URI included is not valid." from GitLab.

To Reproduce My repo is https://gitlab.com/trinityworc/trinityworc.gitlab.io which is hosted at https://trinityworc.gitlab.io

Decap is available at: https://trinityworc.gitlab.io/admin/

I'm using Client-Side PKCE Authorization.

Expected behavior The auth flow should complete successfully.

Applicable Versions:

CMS configuration My config.yml contains:

backend:
  name: gitlab
  repo: trinityworc/trinityworc.gitlab.io
  auth_type: pkce
  app_id: 4cc4af5fcdddf53c7d6f6ff0d170153a999635dda84e2dbec80658b69a4e3618
media_folder: "images/uploads"
public_folder: "/images/uploads"
collections:
  - name: "news"
    label: "News"
    folder: "docs/_posts"
    create: true
    slug: "{{year}}-{{month}}-{{day}}-{{slug}}"
    fields:
      - {label: "Layout", name: "layout", widget: "hidden", default: "post"}
      - {label: "Title", name: "title", widget: "string"}

Additional context I tried authorizing both user-owned and group-owned applications on GitLab, but no success either way.

Hariraghav commented 4 months ago

The same error occurred for me when I used the Authorization Code with PKCE Flow. Then, I switched to using the Implicit Grant Flow.

peterstory commented 4 months ago

I just tried with the implicit grant, and I got a new error: "The authorization server does not support this response type."

So perhaps GitLab removed support for implicit grant.

blackb1rd commented 4 months ago

suspected same issue at https://github.com/decaporg/decap-cms/issues/7093

Hariraghav commented 4 months ago

I just tried with the implicit grant, and I got a new error: "The authorization server does not support this response type."

So perhaps GitLab removed support for implicit grant.

Mine is a self hosted gitlab instance and implicit grant works fine. In my case decap cms removed / at the end of the redirect uri while making the request that's what causing the issue.

demshy commented 4 months ago

Thank you @blackb1rd, the fix was released as 3.1.2. @peterstory please see if your issue was fixed

peterstory commented 4 months ago

Success! After updating to 3.1.2, I was able to authenticate to GitLab using pkce auth. Thank you for the quick resolution!