Closed paligiannis closed 7 months ago
My best guess is you didn't replace the var ${my_domain} to the correct one, assuming your cert is good. Make sure you do so with the right one. If you happen to see ${my_domain} in your log lines, I might be right.
Thank you for the response. I have replaced everything on the envs except from the fact that reverse proxy is always proxy passed without https. I think that the problem is somewhere in the actual database of the outline. I connected to the postgres database and I saw some tables and saw some kind of configuation. I don't know it there is something there to be changed.
Also, I hardcoded the env.oidc file with my criteria, still getting the same effect also adding http and https at the prefix but did't worked. The location http://{$domain}/uc/admin/auth/user/ is accessible, I can login and also able to create users but there is some problem when I try to login through oidc. There is some problem with the callback or the validation keys (I don't know) from the side of the outline.
From the outline logs I get this error
[
{
"error":"State not return in OAuth flow",
"level":"error",
"message":"Error during authentication",
"stack":"BadRequestError: State not return in OAuth flow\n at OAuthStateMismatchError (/opt/outline/build/server/errors.js:128:34)\n at StateStore.verify (/opt/outline/build/server/utils/passport.js:47:61)\n at OAuth2Strategy.authenticate (/opt/outline/node_modules/passport-oauth2/lib/strategy.js:222:26)\n at _passportOauth.Strategy.authenticate (/opt/outline/build/plugins/oidc/server/auth/oidc.js:39:26)\n at attempt (/opt/outline/node_modules/passport/lib/middleware/authenticate.js:369:16)\n at authenticate (/opt/outline/node_modules/passport/lib/middleware/authenticate.js:370:7)\n at /opt/outline/node_modules/@outlinewiki/koa-passport/lib/framework/koa.js:194:7\n at new Promise (<anonymous>)\n at /opt/outline/node_modules/@outlinewiki/koa-passport/lib/framework/koa.js:193:12\n at /opt/outline/node_modules/@outlinewiki/koa-passport/lib/framework/koa.js:143:7\n at new Promise (<anonymous>)\n at passportAuthenticate (/opt/outline/node_modules/@outlinewiki/koa-passport/lib/framework/koa.js:107:15)\n at passportMiddleware (/opt/outline/build/server/middlewares/passport.js:75:7)\n at /opt/outline/node_modules/dd-trace/packages/datadog-instrumentations/src/koa.js:88:57\n at passportMiddleware (/opt/outline/node_modules/dd-trace/packages/datadog-shimmer/src/shimmer.js:26:21)\n at dispatch (/opt/outline/node_modules/koa-router/node_modules/koa-compose/index.js:44:32)\n at next (/opt/outline/node_modules/koa-router/node_modules/koa-compose/index.js:45:18)\n at /opt/outline/node_modules/koa-router/lib/router.js:346:16\n at dispatch (/opt/outline/node_modules/koa-router/node_modules/koa-compose/index.js:44:32)\n at next (/opt/outline/node_modules/koa-router/node_modules/koa-compose/index.js:45:18)\n at /opt/outline/node_modules/@outlinewiki/koa-passport/lib/framework/koa.js:60:14\n at process.processTicksAndRejections (node:internal/process/task_queues:95:5)"
}
]
For anyone that has the same issue my solution was to add the correct forwarding headers to nginx. It's ABSOLUTELY an NGINX resolution, NOTHING correlated with outline, or this docker installation.
add this to the / location for your nginx
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;proxy_set_header Host $host;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;
Also for troubleshooting you can check this discussion with similar issues: https://github.com/outline/outline/discussions/6002 > Check the TheDanHealy comments
Very important to specifically follow the instructions to https://docs.getoutline.com/s/hosting/doc/nginx-6htaRboR57
For debugging the container of docker deployed to your server follow the steps below
Hey there,
I am trying 4 days now before I submit the new issue to address a specific problem I have an fresh installation on DO and everything is running great. I have established a new server, reverse nginx proxy and also created SSL through certbot.
All these are running correctly, no logs with issues. The problem is that my OIDC server is giving the following error. I am sure that I use the correct password and everything. I can't understand why this is happening.
Main problem https://${my_domain}/?notice=state-mismatch
My config file is also set up
Please, because there are some data on the server and I don't to lose them (the initial installation had no SSL, the I decided to add SSL and everything got wrong :( )