decap-cms icon indicating copy to clipboard operation
decap-cms copied to clipboard

Published 20 hours ago verified publisher icon decaporg

"The redirect URI included is not valid" on GitLab

Open peterstory opened this issue 1 year ago • 4 comments

Describe the bug I'm trying to configure Decap for GitLab-hosted GitLab Pages. However, when I try to authenticate I get the error: "The redirect URI included is not valid." from GitLab.

To Reproduce My repo is https://gitlab.com/trinityworc/trinityworc.gitlab.io which is hosted at https://trinityworc.gitlab.io

Decap is available at: https://trinityworc.gitlab.io/admin/

I'm using Client-Side PKCE Authorization.

Expected behavior The auth flow should complete successfully.

Applicable Versions:

  • Decap CMS version: decap-cms@^3.0.0
  • Git provider: GitLab
  • OS: macOS
  • Browser version: Safari 17.3

CMS configuration My config.yml contains:

backend:
  name: gitlab
  repo: trinityworc/trinityworc.gitlab.io
  auth_type: pkce
  app_id: 4cc4af5fcdddf53c7d6f6ff0d170153a999635dda84e2dbec80658b69a4e3618
media_folder: "images/uploads"
public_folder: "/images/uploads"
collections:
  - name: "news"
    label: "News"
    folder: "docs/_posts"
    create: true
    slug: "{{year}}-{{month}}-{{day}}-{{slug}}"
    fields:
      - {label: "Layout", name: "layout", widget: "hidden", default: "post"}
      - {label: "Title", name: "title", widget: "string"}

Additional context I tried authorizing both user-owned and group-owned applications on GitLab, but no success either way.

peterstory avatar Feb 13 '24 20:02 peterstory

The same error occurred for me when I used the Authorization Code with PKCE Flow. Then, I switched to using the Implicit Grant Flow.

Hariraghav avatar Feb 15 '24 09:02 Hariraghav

I just tried with the implicit grant, and I got a new error: "The authorization server does not support this response type."

So perhaps GitLab removed support for implicit grant.

peterstory avatar Feb 15 '24 13:02 peterstory

suspected same issue at https://github.com/decaporg/decap-cms/issues/7093

blackb1rd avatar Feb 16 '24 04:02 blackb1rd

I just tried with the implicit grant, and I got a new error: "The authorization server does not support this response type."

So perhaps GitLab removed support for implicit grant.

Mine is a self hosted gitlab instance and implicit grant works fine. In my case decap cms removed / at the end of the redirect uri while making the request that's what causing the issue.

Hariraghav avatar Feb 16 '24 06:02 Hariraghav

Thank you @blackb1rd, the fix was released as 3.1.2. @peterstory please see if your issue was fixed

demshy avatar Feb 21 '24 07:02 demshy

Success! After updating to 3.1.2, I was able to authenticate to GitLab using pkce auth. Thank you for the quick resolution!

peterstory avatar Feb 21 '24 13:02 peterstory