zwolf
commented
3 years ago The Doorkeeper app creds (PANOPTES_PROD_CLIENT_ID and PANOPTES_PROD_CLIENT_SECRET) are already being loaded from the kubernetes secret. Why does the app need both an app key/secret and a user login/password? What OAuth problem is this intended to solve?
Also I don't believe that the docker-compose file is being used outside of development. Production is spinning up the Dockerfile as a pod, so anything new should go in deploy template (except the Panoptes URL, which is already in there as PANOPTES_PROD_URL) or the secret (loaded by these lines )
chelseatroy
I have included them here in
docker-composefile.@zwolf if you need I can find a way to get the values for these env vars to ya!
Now, this doesn't fully fix oauth, because now when I go to authenticate I get "the redirect_uri is invalid." I've fixed this issue once before with @camallen, and the solution had to do with doorkeeper wanting a backslash. So I went into our oauth app for theia: https://panoptes.zooniverse.org/oauth/applications/128 and added the appropriate (I THOUGHT) redirect uri for our prod deployment, and I'm still getting the same error.
Does anything look wrong with that redirect_uri I added?