jgraph / docker-drawio

Dockerized draw.io based on whichever is the most secure image at the time.
GNU General Public License v3.0
1.49k stars 361 forks

Failed to authorize Docker instance with hosted Gitlab #91

Closed sftykbm closed 11 months ago

sftykbm commented 2 years ago

Describe the bug

Set up oauth for the docker with a private gitlab instance and it went smoothly until the last step

when I hit "authorize" the browser gave me an http 500 error and won't go any further.

To Reproduce

Steps to reproduce the behavior:

  1. Create an application on Gitlab, set up like this
  2. Bring up the docker with DRAWIO_GITLAB_URL & DRAWIO_GITLAB_ID options
  3. Edit gitlab_client_secret, copy & paste the application secret
  4. Edit gitlab_auth_url, use `http://<my gitlab fqdn>/oauth/authorize` instead. (If I use the default one Gitlab will give me an "invalid url" error)
  5. Get to the draw webpage and save to Gitlab, it'll redirect you to the authorization page, click on "authorize" then HTTP 500 ERROR

Expected behavior

After being authorized by Gitlab it should redirect me back to the draw webpage so I can save my files to Gitlab projects.

draw.io version (In the Help->About menu of the draw.io editor):

This should be a pretty straightforward setup, not sure which part I did wrong though, or is it just a bug. Please advise.

davidjgraph commented 2 years ago

http isn't supported in the standard tomcat setup, you'll have to change tomcat, but I don't know the process.

sftykbm commented 2 years ago

> http isn't supported in the standard tomcat setup, you'll have to change tomcat, but I don't know the process.

So I'll have to use https for the app? But with https setup I got the same error. Our gitlab server is running on http since it's just for internal use and it does not even have Internet access. Do I have to enable https for it as well to make oauth work?

davidjgraph commented 2 years ago

If you're using a fake SSL cert, the default tomcat setup doesn't like that, but I'm not sure resolving a tomcat configuration issue is within the scope of our docker image.

sftykbm commented 2 years ago

Figured out the 500 error. The docker network was configured as NAT so the image does not resolve the gitlab FQDN. But after I modified the hosts file it gives me a new http 400 error stating "invalid grant" now.

Here's what shows in the log:

```
06-Sep-2022 07:48:38.293 SEVERE [http-nio-8080-exec-8] com.mxgraph.online.AbsAuthServlet.contactOAuthServer AUTH-SERVLET: [http://<gitlab fqdn>/oauth/token] ERROR: Server returned HTTP response code: 400 for URL: http://<gitlab fqdn>/oauth/token -> {"error":"invalid_grant","error_description":"The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client."}
```

davidjgraph commented 2 years ago

what is your redirection URI in gitlab and what does it attempt on the browser?

sftykbm commented 2 years ago

> what is your redirection URI in gitlab and what does it attempt on the browser?

`http://<draw fqdn>/gitlab`

It does go to the gitlab authentication page, but when it's trying to get back to draw.io page after I hit "authorize" it would fail

sftykbm commented 1 year ago

Since I couldn't get the docker to work properly I just tested the war version. Set it up with Tomcat 10.0.27 and modified PreConfig.js like this

```javascript
DRAWIO_GITLAB_URL = 'local-gitlab-address';
DRAWIO_GITLAB_ID = 'something';
DRAWIO_GITLAB_SECRET = 'something';
DRAWIO_BASE_URL = 'local-drawio-address';
urlParams['db'] = '0';
urlParams['gapi'] = '0';
urlParams['db'] = '0';
```

It loads without any problem but whenever I hit Gitlab icon it will tell me "Unknown Error" and won't go any further.

If I hit "log out" it goes to my local gitlab page which means the customized configuration works

By looking at debug info it complains about a 404 error which is `GET http://local-drawio-address/gitlab?getState=1 404`

and it's caused by `app.min.js:287` which is like this:

```javascript
null!=c&&null!=d&&(this.request.timeout=c,this.request.ontimeout=d),this.request.send(this.params))};mxXmlRequest.prototype.setRequestHeaders=function(a,b){null!=b&&a.setRequestHeader("Content-Type","application/x-www-form-urlencoded")};
```

Any thoughts?

medanthelinium commented 1 year ago

Hey @sftykbm, have you been able to figure it out? I'm running into the same error with the latest jgraph/drawio:

```
14-Dec-2022 10:33:50.658 SEVERE [https-openssl-nio-8443-exec-9] 
com.mxgraph.online.AbsAuth.contactOAuthServer AUTH-SERVLET: [https://gitlab.example.com/oauth/token] ERROR: 
Server returned HTTP response code: 400 for URL: https://gitlab.example.com/oauth/token -> 
{"error":"invalid_grant","error_description":"The provided authorization grant is invalid, expired, revoked, does not 
match the redirection URI used in the authorization request, or was issued to another client."}
```

sftykbm commented 1 year ago

> Hey @sftykbm, have you been able to figure it out? I'm running into the same error with the latest jgraph/drawio:
>
> ```
> 14-Dec-2022 10:33:50.658 SEVERE [https-openssl-nio-8443-exec-9] 
> com.mxgraph.online.AbsAuth.contactOAuthServer AUTH-SERVLET: [https://gitlab.example.com/oauth/token] ERROR: 
> Server returned HTTP response code: 400 for URL: https://gitlab.example.com/oauth/token -> 
> {"error":"invalid_grant","error_description":"The provided authorization grant is invalid, expired, revoked, does not 
> match the redirection URI used in the authorization request, or was issued to another client."}
> ```

Nope no luck
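
A diagnostic sketch for the two checks raised in this thread, added here as an example and not code from the thread or from draw.io: it pulls the OAuth error out of an AUTH-SERVLET log record and compares the redirect URI registered in GitLab with the `redirect_uri` the browser is actually sent with. The function names, the `example.internal` hosts and the sample authorize URL are constructed assumptions.

```python
import json
import re
from urllib.parse import parse_qs, urlsplit

# Record layout taken from the AUTH-SERVLET lines quoted in this thread.
LOG_RE = re.compile(
    r"AUTH-SERVLET: \[(?P<token_url>[^\]]+)\] ERROR:.*?"
    r"HTTP response code: (?P<status>\d{3}).*?->\s*(?P<body>\{.*\})",
    re.S,
)

def parse_auth_servlet_error(record):
    """Extract token endpoint, HTTP status and OAuth error from one record."""
    m = LOG_RE.search(record)
    if m is None:
        return None
    # A wrapped record may carry line breaks inside the JSON string; drop them.
    body = json.loads(m.group("body").replace("\n", ""))
    return {"token_url": m.group("token_url"),
            "status": int(m.group("status")),
            "error": body.get("error")}

def redirect_uri_diff(registered, authorize_url):
    """Compare the redirect URI registered in GitLab with the redirect_uri
    parameter of the authorize URL the browser was sent to."""
    sent = parse_qs(urlsplit(authorize_url).query).get("redirect_uri")
    if not sent:
        return ["redirect_uri missing from authorize request"]
    reg, got = urlsplit(registered), urlsplit(sent[0])
    return [f"{part}: registered {getattr(reg, part)!r}, sent {getattr(got, part)!r}"
            for part in ("scheme", "netloc", "path", "query")
            if getattr(reg, part) != getattr(got, part)]

# Constructed sample inputs (hosts and client_id are placeholders).
SAMPLE_RECORD = (
    "06-Sep-2022 07:48:38.293 SEVERE [http-nio-8080-exec-8] "
    "com.mxgraph.online.AbsAuthServlet.contactOAuthServer AUTH-SERVLET: "
    "[http://gitlab.example.internal/oauth/token] ERROR: Server returned HTTP "
    "response code: 400 for URL: http://gitlab.example.internal/oauth/token -> "
    '{"error":"invalid_grant","error_description":"constructed sample"}'
)
SAMPLE_AUTHORIZE_URL = (
    "http://gitlab.example.internal/oauth/authorize?client_id=PLACEHOLDER"
    "&response_type=code"
    "&redirect_uri=https%3A%2F%2Fdrawio.example.internal%3A8443%2Fgitlab")

if __name__ == "__main__":
    print(parse_auth_servlet_error(SAMPLE_RECORD))
    print(redirect_uri_diff("http://drawio.example.internal/gitlab", SAMPLE_AUTHORIZE_URL))
```

An empty list from `redirect_uri_diff` means the two URIs agree component by component, which leaves the other causes listed in the `invalid_grant` description (expired, revoked, or issued to another client) to check.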

m-mohamedin commented 1 year ago

Hi,

We'll add http support in the next release. It will be via env var DRAWIO_USE_HTTP=1

More details https://github.com/jgraph/docker-drawio/blob/dev/self-contained/README.md

sftykbm commented 1 year ago

> Hi,
>
> We'll add http support in the next release. It will be via env var DRAWIO_USE_HTTP=1
>
> More details https://github.com/jgraph/docker-drawio/blob/dev/self-contained/README.md

Thanks for the update! Appreciate it.