Oauth apps workflow fails on fresh install, even though manual token creation works

[melissaboiko]

OAUTH_ENABLED=true is set on .env.

I ran artisan passport:install as well as artisan passport:client --personal (plus the routes, views and config cache). I restarted all services and tried cleaning app data.

The Pixelfed app, after accessing my server, redirects back to the starting screen without any messages. Pixeldroid does the same, with a message "could not authenticate".

The only log I could find in the server is not an error but just the nginx access:

[28/May/2023:03:32:43 +0200] "GET https://example.com/api/v1/accounts/verify_credentials?_pe=1 HTTP/2.0" 302 386 "-" "okhttp/4.9.2" 0.004 [28/May/2023:03:32:43 +0200] "GET https://example.com/login HTTP/2.0" 200 2595 "-" "okhttp/4.9.2" 0.004

---

I can log in via the browser (Fennec) normally, and the browser has a logged in session in the cookies. Fennec requires confirmation before following the oauth redirect url scheme. Thinking that this might upset some timing, I tried the system browser, but it does not suport the oauth redirect url scheme. My Android distro is incompatible with Google Chrome, so I tried Brave Browser. it does follow the redirect instantly, but that didn't solve the Pixelfed oauth issue.

Not sure if related but:

• I'm using Postgresql.
• I'm running SESSION_DRIVER=cookie which is the only workaround I could find to #106 .

I can login to my instance via webpage. Oauth appears to work on both apps for the default instance. Pixelfed v0.11.7.

[melissaboiko]

Different from #178 because I can in fact access /settings/applications and create an access token, but the apps' workflow with URL redirects still fail. Also not like #120 in that the curl tests return redirects to login without any error.