Confused by github (no state found) and form (infinite loop) logins

12 views
Skip to first unread message

Matthias Kauer

unread,
Oct 3, 2016, 1:39:57 PM10/3/16
to gitit-discuss
Hi,
I'm trying to get a private gitit wiki running on my VPS.
However, there is some trouble with getting logins to work.

First, I have tried the 'form' method. There, I could create accounts, but I could then not login. The correct password would just bring me back to the login form. A wrong password would show 'wrong password', however.
Any ideas what that could be about?

Later, I tried getting 'github' login to work. I registered an Oauth application and filled out
"oauthcallback: http://my.site.net/_githubCallback" in gitit.conf.
As far as I can tell, Github is performing its work correctly. After I struggled with some uri_mismatch errors that is.
I am getting a callback on http://my.site.net/_githubCallback?code=xxxx&state=xxxx
but gitit answers it with
```

Happstack 7.4.5

Something went wrong here
Internal server error
Everything has stopped

The error was "No Github state found in session (is it the same domain?)"

```


Has the format of the OAuth protocol changed?

What are the following config items for? The end points from the default config don't seem to exist (anymore?)
```
oauthoauthorizeendpoint: https://github.com/login/oauth/authorize
oauthaccesstokenendpoint: https://github.com/login/oauth/access_token
```

what else could I be doing wrong?

This is gitit 0.12.1 installed from package on Ubuntu 16.04.

Thanks for your help.
Matthias

John MacFarlane

unread,
Oct 3, 2016, 3:28:55 PM10/3/16
to gitit-...@googlegroups.com
I don't know. Until recently, I used oauth on the
demo site (which I finally had to take down due to
extremely persistent spammers). It worked.
I used the endpoints and callback from the default config.
(with mysite replaced by gitit.net). I assume
you put in the oauthclientid and oauthclientsecret
relevant to your registration?

I just tried on my local machine with a new gitit
install, and form authentication worked.

So I'm not sure what is happening with yours.

+++ Matthias Kauer [Oct 03 16 10:39 ]:
> --
> You received this message because you are subscribed to the Google
> Groups "gitit-discuss" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to [1]gitit-discus...@googlegroups.com.
> To post to this group, send email to [2]gitit-...@googlegroups.com.
> Visit this group at [3]https://groups.google.com/group/gitit-discuss.
> For more options, visit [4]https://groups.google.com/d/optout.
>
>References
>
> 1. mailto:gitit-discus...@googlegroups.com
> 2. mailto:gitit-...@googlegroups.com
> 3. https://groups.google.com/group/gitit-discuss
> 4. https://groups.google.com/d/optout

Matthias Kauer

unread,
Oct 4, 2016, 2:20:37 PM10/4/16
to gitit-discuss
Thanks for your reply.
It motivated me to try the same thing again on my notebook. The unsuccessful attempts had been on a small VPS.
Locally, the form login worked right away and I got the OAuth working within minutes as well.
This is quite confusing indeed. Could this be a RAM issue?

In any case, sorry for the disturbance.

Freiric Barral

unread,
Oct 4, 2016, 2:37:06 PM10/4/16
to gitit-...@googlegroups.com
Hi,

I don't know why the form login could fail, but a common cause of failure for the github login is the following:

the github login first save a 'state' (a newly generated random string) in the session,
it call the authentication from github with this 'state',
github then sends the 'state' back which is compared with the one stored in the session.

The error you get means that gitit did not retrieve the state it had previously stored in the session.
The session is associated to a particular domain, so if the domain changes, the session changes.
Could it be that you are starting the login from the domain www.my.site.net and the callback is on the domain my.site.net?

Hth,

Freiric.


To unsubscribe from this group and stop receiving emails from it, send an email to gitit-discus...@googlegroups.com.
To post to this group, send email to gitit-...@googlegroups.com.
Visit this group at https://groups.google.com/group/gitit-discuss.
For more options, visit https://groups.google.com/d/optout.

0xD2BE32D5.asc

Freiric Barral

unread,
Oct 4, 2016, 2:37:10 PM10/4/16
to gitit-...@googlegroups.com
Hi,

I don't know why the form login could fail, but a common cause of failure for the github login is the following:

the github login first save a 'state' (a newly generated random string) in the session,
it call the authentication from github with this 'state',
github then sends the 'state' back which is compared with the one stored in the session.

The error you get means that gitit did not retrieve the state it had previously stored in the session.
The session is associated to a particular domain, so if the domain changes, the session changes.
Could it be that you are starting the login from the domain www.my.site.net and the callback is on the domain my.site.net?

Hth,

Freiric.


To unsubscribe from this group and stop receiving emails from it, send an email to gitit-discus...@googlegroups.com.
To post to this group, send email to gitit-...@googlegroups.com.
Visit this group at https://groups.google.com/group/gitit-discuss.
For more options, visit https://groups.google.com/d/optout.

Reply all
Reply to author
Forward
0 new messages