Replies: 2 comments 1 reply
-
This not a bug, this is a support request. |
Beta Was this translation helpful? Give feedback.
0 replies
-
but an uppercase name is used:
Check if using a lowecase name: works? |
Beta Was this translation helpful? Give feedback.
1 reply
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Describe the bug
I'm trying to use a GitLab identity provider as described in official documentation:
https://docs.okd.io/latest/authentication/identity_providers/configuring-gitlab-identity-provider.html
I choose gitlab at console form, redirecting to a gitlab, successful authorize there, then at gitlab form I get "The redirect URI included is not valid."
Looks like all resources created normally (I was created them via web-console):
oc describe OAuth cluster
Secret and config map with CA is present:
oc get secret gitlab-client-secret-9sv46 -n openshift-config
NAME TYPE DATA AGE
gitlab-client-secret-9sv46 Opaque 1 21h
oc get cm ca-cf-config-map -n openshift-config
NAME DATA AGE
ca-cf-config-map 1 19h
URI is made by template from documentation, e. g.
https://oauth-openshift.apps.cluster_name.cluster_domain.com/oauth2callback/GitLab
And I'm sure their contents are relative (Client ID, clientSecret and root CA). Other applications using gitlab oauth is authenticating well.
I'm actually not sure that it's a bug... But have no idea how debug this situation. Is it possible than callback URI had changed at any version of OKD?
P. S. If it's matters - callback URI is available from internet, I see it when try to open it by browser or do curl request.
Version
4.11.0-0.okd-2022-08-20-022919
UPI, bare metal
How reproducible
Setup application in gitlab, create gitlab identity provider with relevant properties and try to log on via gitlab.
Beta Was this translation helpful? Give feedback.
All reactions