Open lf- opened 1 year ago
@lf- : It looks like it should just be the callbackHost
in config.json
on the RPI: https://github.com/vhs/vhs-laser-access/blob/11ae1cd31cdcf21dda93ddc0e1575825e9a73d9a/routes/auth.js#L84
Ref: https://github.com/vhs/vhs-laser-access/blob/11ae1cd31cdcf21dda93ddc0e1575825e9a73d9a/config.json.sample#LL18C31-L18C31
@lf- : It looks like it should just be the
callbackHost
inconfig.json
on the RPI:
The trouble is that the config is reasonable and what we have told GitHub is unreasonable (sending credentials over plaintext http), so we need to fix the github side, not our config.
Yeah, it's broken. Even with a new OAuth app (on the org itself). I'll look into this
I am interested in possibly fixing this.
Bugs:
https://github.com/login/oauth/authorize?response_type=code&redirect_uri=https%3A%2F%2Flaser.vanhack.ca%2Fauth%2Fgithub%2Fcallback&client_id=cab6b2ba38f15cbe2df9
GitHub blocks this request with the following error: https://docs.github.com/en/apps/oauth-apps/maintaining-oauth-apps/troubleshooting-authorization-request-errors#redirect-uri-mismatch
I have investigated why this is the case, and the answer is that the configured URL is:
http://laser.vanhack.ca/auth/github/callback
(note: http, not https), so it is rejecting the OAuth call. This should be switched to https in the github app settings.Resolution: @garthomite can you please transfer the github app to the
vhs
organization using this guide, then we can fix the URL: https://docs.github.com/en/apps/maintaining-github-apps/transferring-ownership-of-a-github-app