Cannot login planka with Forgejo's OAuth2, please help me!

plankanban / planka

The realtime kanban board for workgroups built with React and Redux.

https://planka.app

GNU Affero General Public License v3.0

7.32k stars 676 forks source link

Cannot login planka with Forgejo's OAuth2, please help me! #760

Open zyppe opened 1 month ago

zyppe commented 1 month ago

I want to connect it, so I added an OAuth2 application in my Forgejo (a gitea's fork), and I add these items in the configuration: OIDC_ISSUER, OIDC_CLIENT_ID, OIDC_CLIENT_SECRET. Then it can show login with SSO and jumped to my Forgejo, but when I login in, it just tell me UNKNOWN ERROR. What items do I ignored? Here is the document about Forgejo as OAuth2 provide: https://docs.gitea.com/development/oauth2-provider

eternity1984 commented 1 week ago

@zyppe How is OIDC_ISSUER set in your environment?

# Incorrect
OIDC_ISSUER=https://forgejo.DOMAIN.TLD/.well-known/openid-configuration
OIDC_ISSUER=https://forgejo.DOMAIN.TLD

# Correct
OIDC_ISSUER=https://forgejo.DOMAIN.TLD/

The following error probably occurred internally.

[server]  warn: Error while exchanging OIDC code: RPError: iss mismatch, expected https://forgejo.DOMAIN.TLD/, got: https://forgejo.DOMAIN.TLD/.well-known/openid-configuration