superseriousbusiness / gotosocial

Fast, fun, small ActivityPub server.
https://docs.gotosocial.org
GNU Affero General Public License v3.0
3.87k stars 340 forks source link

[bug] Compatibility issues with brid.gy #1327

Closed jk-na closed 1 year ago

jk-na commented 1 year ago

Describe the bug with a clear and concise description of what the bug is.

Trying to authenticate via brid.gy's mastodon oath path and receiving an error after approving the oath request at the GtS side.

What's your GoToSocial Version?

v0.6.0 git-f9e5ec9

GoToSocial Arch

arm64 binary

Browser version

No response

What happened?

  1. Navigate brid.gy to the mastodon login path
  2. Enter my gts server and then log in with my gts account
  3. Approve the oath request: Application Bridgy (https://brid.gy/) would like to perform actions on your behalf, with scope read:accounts read:blocks read:notifications read:search read:statuses.

The application will redirect to https://brid.gy/mastodon/callback to continue.

  1. Error returned on redirected page.

What you expected to happen?

To be able to authenticate with brid.gy in order to enable the application to interact with my GtS account

How to reproduce it?

Same steps as above

Anything else we need to know?

The errors from the syslog on the gts server:

Jan 11 12:49:57 gtsRock gotosocial[1024]: timestamp="11/01/2023 12:49:57.143" func=oauth.New.func1 level=ERROR msg="internal oauth error: parse \"https://brid.gy/mastodon/callback\\nhttps://brid.gy/delete/finish\\nhttps://brid.gy/micropub-token/mastodon/finish\\nhttps://brid.gy/publish/mastodon/finish\\nhttps://brid.gy/mastodon/delete/finish\": net/url: invalid control character in URL"
Jan 11 12:49:57 gtsRock gotosocial[1024]: timestamp="11/01/2023 12:49:57.143" func=oauth.New.func2 level=ERROR msg="internal response error: server_error"
Jan 11 12:49:57 gtsRock gotosocial[1024]: timestamp="11/01/2023 12:49:57.148" func=router.loggingMiddleware.func1 level=INFO latency=20.272862ms clientIP=192.168.1.1 userAgent="Mozilla/5.0 (X11; Linux x86_64; rv:106.0) Gecko/20100101 Firefox/106.0" method=POST statusCode=302 path=/oauth/authorize msg="Found: wrote 23B"

The url of the callback: https://brid.gy/mastodon/callback?error=server_error&error_description=The+authorization+server+encountered+an+unexpected+condition+that+prevented+it+from+fulfilling+the+request&state=11

Text on the resulting html page.

Bad Request

_servererror The authorization server encountered an unexpected condition that prevented it from fulfilling the request

I am not sure if the issue lies on the gotosocial side, the brid.gy side or a bit of both so will raise the same issue on both gts & bridgy github pages.

brid.gy ticket: https://github.com/snarfed/bridgy/issues/1385

jk-na commented 1 year ago

As per https://github.com/snarfed/bridgy/issues/1385#issuecomment-1378224069 - brid.gy author Ryan suggests that:

"Looks like the issue is that Mastodon's API for creating OAuth apps lets you pass multiple redirect URLs in redirect_uris, separated by newlines, https://github.com/doorkeeper-gem/doorkeeper/pull/298, but it looks like GtS might not support that."

tsmethurst commented 1 year ago

Thanks for investigating jon! this is a duplicate issue of https://github.com/superseriousbusiness/gotosocial/issues/962 so I'm gonna close it, but now it's linked in the other issue for the extra info it provides :)