python-social-auth / social-core

Python Social Auth - Core
BSD 3-Clause "New" or "Revised" License

500 ISE with GitHub App in certain conditions #411

Closed atodorov closed 4 years ago

atodorov commented 4 years ago

I am seeing some issues with a newly created GitHub App (not OAuth app). Could be related to https://github.com/python-social-auth/social-core/issues/111, I don't know.

The issue is sometimes things work, sometimes not exactly.

Scenario 1: new user login from website - PASS:

In their account settings in GitHub they can see "Kiwi TCMS" under "Authorized GitHub Apps", but not under "Installed GitHub Apps", that is the app has access to their account but not to their repositories.

Scenario 2: Install GH app - FAIL:

1) User goes to https://github.com/apps/kiwi-tcms/installations/new, goes through the motions and is finally redirected to https://public.githubapp.kiwitcms.org/complete/github/?code=xxxxxxx&installation_id=xxxxx&setup_action=install

and here I get 500 ISE.

In both of the above scenarios the app is configured to redirect back to https://public.githubapp.kiwitcms.org/complete/github/ and the "Request user authorization (OAuth) during installation" checkbox is checked.

During experimentation, by removing the /complete/github/ path of the URL I was somehow able to complete the "Install" process and was directly redirected to the main page of the app (requires login). However, I'm not able to reproduce this consistently.

AuthMissingParameter: Missing needed parameter state
  File "django/core/handlers/exception.py", line 34, in inner
    response = get_response(request)
  File "django/core/handlers/base.py", line 115, in _get_response
    response = self.process_exception_by_middleware(e, request)
  File "django/core/handlers/base.py", line 113, in _get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
  File "django/views/decorators/cache.py", line 44, in _wrapped_view_func
    response = view_func(request, *args, **kwargs)
  File "django/views/decorators/csrf.py", line 54, in wrapped_view
    return view_func(*args, **kwargs)
  File "social_django/utils.py", line 49, in wrapper
    return func(request, backend, *args, **kwargs)
  File "social_django/views.py", line 33, in complete
    *args, **kwargs)
  File "social_core/actions.py", line 43, in do_complete
    user = backend.complete(user=user, *args, **kwargs)
  File "social_core/backends/base.py", line 40, in complete
    return self.auth_complete(*args, **kwargs)
  File "social_core/utils.py", line 251, in wrapper
    return func(*args, **kwargs)
  File "social_core/backends/oauth.py", line 388, in auth_complete
    state = self.validate_state()
  File "social_core/backends/oauth.py", line 88, in validate_state
    raise AuthMissingParameter(self, 'state')

I will continue digging into this but figured I may get some help here or be useful to others.
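
An added example, not part of the original comment and not social-core's code: a minimal re-creation of the OAuth `state` check that the traceback above ends in, run against a callback URL shaped like the install redirect quoted in the report. `StateError`, `check_state` and `handle_callback` are hypothetical names, and mapping the rejection to HTTP 400 is an assumption about how a callback view could answer instead of returning a 500.

```python
import hmac
from urllib.parse import urlsplit, parse_qs

# Constructed callback URLs. The first has the shape of the install redirect
# quoted in the report (placeholder values, no "state" parameter).
INSTALL_REDIRECT = ("https://public.githubapp.kiwitcms.org/complete/github/"
                    "?code=xxxxxxx&installation_id=xxxxx&setup_action=install")
LOGIN_REDIRECT = ("https://public.githubapp.kiwitcms.org/complete/github/"
                  "?code=xxxxxxx&state=constructed-state-value")


class StateError(Exception):
    """Hypothetical stand-in for the library's state exceptions."""

    def __init__(self, reason):
        super().__init__(reason)
        self.reason = reason


def check_state(callback_url, session_state):
    """Return the validated state, or raise StateError with the reason."""
    params = parse_qs(urlsplit(callback_url).query)
    request_state = params.get("state", [""])[0]
    if not request_state:
        # The case in the traceback: the callback carries no state at all.
        raise StateError("missing-parameter")
    if not session_state:
        # The callback has a state, but this session never started a login.
        raise StateError("no-session-state")
    # Constant-time comparison of the returned state with the stored one.
    if not hmac.compare_digest(request_state.encode(), session_state.encode()):
        raise StateError("state-mismatch")
    return request_state


def handle_callback(callback_url, session_state):
    """Keep the state check, but reject failures as 400 rather than 500."""
    try:
        check_state(callback_url, session_state)
    except StateError as exc:
        return 400, exc.reason
    return 200, "state-ok"
```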

atodorov commented 4 years ago

In Sentry breadcrumbs I see django.request | Not Found: /webhooks/github-app/

which is the path I have configured for this app to receive webhooks to. It still doesn't exist (GH integration under development). Could it be the issue?