gitpod icon indicating copy to clipboard operation
gitpod copied to clipboard
verified publisher icon gitpod-io

[JetBrains Gateway] "Client authentication failed: Invalid redirect_uri" when trying to login in Gitpod

Open felladrin opened this issue 3 years ago • 5 comments

Bug description

When clicking "Connect in Browser" in Gitpod Plugin: image

A user will receive the following error if the port in the OAuth URL (e.g. https://gitpod.io/api/oauth/authorize?client_id=jetbrains-gateway-gitpod-plugin&redirect_uri=http%3A%2F%2F127.0.0.1%3A58663) is out of the valid range defined in https://github.com/gitpod-io/gitpod/blob/d96957cfec1ca76dd024a353f9b48f6d4d560f7c/components/server/src/oauth-server/db.ts#L41-L47

{
"status": 401,
"message": "Client authentication failed: Invalid redirect_uri"
}

This issue happened with a user using JetBrains Gateway on Windows 10.

Discussing it with the JetBrains Gateway team, we were told that the Gateway actually uses the following port range: 49152–65535 [1][2]

Steps to reproduce

  1. Open the Gateway JVM Options editor using one of the following ways:
    image image
  2. Add the parameter -Drpc.port= 59333 (any number outside the range [63342-63362] also can be used to reproduce it). Save and restart the Gateway. image
  3. Now click on "Connect in Browser" in Gitpod Plugin and notice the error in the browser. image

Expected behavior

"Connecting in Browser" button should properly allow users to connect JetBrains Gateway to their Gitpod account.

Workaround

A temporary solution is to add the parameter -Drpc.port=63342 (with any number between 63342 and 63362) to the Gateway JVM Options, so when the Gateway starts, it will use this specific port for the Built-in Server [1][2]. After successfully connecting Gitpod account in the Gateway, one can remove the parameter from JVM Options, as that port is only used for the authentication step.

felladrin avatar Nov 24 '22 17:11 felladrin

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

stale[bot] avatar Mar 18 '23 20:03 stale[bot]

This issue is still valid. The Gateway might work fine when it is install and started standalone, but the issue happens when the Gateway is installed and started through Jetbrains Toolbox. In that case, the port number for OAuth is always not in the scope so that the same error happens.

langyunpeng avatar Aug 30 '23 03:08 langyunpeng

i am using this standalone and i'm facing the issue and the workaround is not working for me

unfortunately in my case, it looks like my system cannot open ports in the default range so it falls back to a port like 59420

Juesto avatar Dec 03 '23 23:12 Juesto

What's the status?

LvckyAPI avatar Feb 11 '24 11:02 LvckyAPI