Error setting up GotoSocial as OAuth provider: unable to exchange code for access token #888

Open
CDN18 opened this issue Feb 17, 2024 · 0 comments

CDN18 commented Feb 17, 2024

Describe the bug

While trying to log in with a GotoSocial account, Writefreely reports an error saying that it is unable to exchange code for access token.

Upon checking the logs on both sides, I found that GotoSocial complains with the following message: Bad Request: client_id was not set in the token request form: client_secret was not set in the token request form

So, does Writefreely indeed not supply a client_id and client_secret in the token request form as mentioned by GotoSocial? If so, is it possible to add these two parameters in the token request form to try and resolve the issue?

Attached below are the logs from Writefreely and GotoSocial:

Logs from Writefreely:

writefreely-web  | 2024/02/17 05:32:52 "GET /oauth/generic" 307 1.225989ms "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36"
writefreely-web  | 2024/02/17 05:33:01 "GET /oauth/callback/generic?code=MM********************************ZJM5&state=VvxpL*********71NAGNq6" 500 39.287332ms "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36"
writefreely-web  | ERROR: 2024/02/17 05:33:01 oauth.go:337: Unable to exchangeOauthCode: unable to exchange code for access token

Logs from GotoSocial:

gotosocial  | timestamp="17/02/2024 06:04:47.943" func=bundb.queryHook.AfterQuery level=TRACE duration=1.01092ms query=SELECT "client"."id", "client"."created_at", "client"."updated_at", "client"."secret", "client"."domain", "client"."user_id" FROM "clients" AS "client" WHERE (id = '<redacted>')
gotosocial  | timestamp="17/02/2024 06:04:47.945" func=bundb.queryHook.AfterQuery level=TRACE duration=2.48788ms query=INSERT INTO "tokens" ("id", "created_at", "updated_at", "client_id", "user_id", "redirect_uri", "scope", "code", "code_challenge", "code_challenge_method", "code_create_at", "code_expires_at", "access", "access_create_at", "access_expires_at", "refresh", "refresh_create_at", "refresh_expires_at") VALUES ('<redacted>', DEFAULT, DEFAULT, '<redacted>', '<redacted>', 'https://<writefreely_url>/oauth/callback/generic', 'read:accounts', '<redacted>', DEFAULT, DEFAULT, '2024-02-17 06:04:47.943356+00:00', '2024-02-17 06:14:47.943368+00:00', DEFAULT, DEFAULT, DEFAULT, DEFAULT, DEFAULT, DEFAULT) RETURNING "created_at", "updated_at", "code_challenge", "code_challenge_method", "access", "access_create_at", "access_expires_at", "refresh", "refresh_create_at", "refresh_expires_at"
gotosocial  | timestamp="17/02/2024 06:04:47.946" func=server.glob..func1.Logger.func13.1 level=INFO latency="7.98484ms" userAgent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" method=POST statusCode=302 path=/oauth/authorize clientIP=<redacted> requestID=rb9tndcd040011j1w87g msg="Found: wrote 23B"
gotosocial  | timestamp="17/02/2024 06:04:48.318" func=util.OAuthErrorHandler level=DEBUG path=/oauth/token error=invalid_request help="Bad Request: client_id was not set in the token request form: client_secret was not set in the token request form" requestID=7qatndcd040017gjptag msg="handling OAuth error"
gotosocial  | timestamp="17/02/2024 06:04:48.318" func=server.glob..func1.Logger.func13.1 level=INFO latency="447.84µs" userAgent="Go (WriteFreely/)" method=POST statusCode=400 path=/oauth/token clientIP=<redacted> requestID=7qatndcd040017gjptag msg="Bad Request: wrote 122B"

Steps to reproduce (if necessary)

Steps to reproduce the behavior:

  1. Register a GotoSocial OAuth application (the process is identical to Mastodon)
  2. Set up the OAuth application as Writefreely's OIDC provider
  3. Restart the Writefreely instance and try to log in with a GotoSocial account.
  4. Got the error

Expected behavior

Access token should be exchanged successfully and the login flow should continue without issue

Application configuration

  • Single mode or Multi-user mode? : Multi-user mode
  • Database?: mysql
  • Open registration?: yes
  • Federation enabled?: yes

OIDC Configuration

[oauth.generic]
client_id          = <redacted>
client_secret      = <redacted>
host               = https://<gotosocial_url>
display_name       = GotoSocial
callback_proxy     = 
callback_proxy_api = 
token_endpoint     = /oauth/token
inspect_endpoint   = /api/v1/accounts/verify_credentials
auth_endpoint      = /oauth/authorize
scope              = read:accounts
allow_disconnect   = true
map_user_id        = id
map_username       = 
map_display_name   = 
map_email          = 

Version or last commit: v0.15.0
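
The error in the GotoSocial log is what a token endpoint returns when it reads client credentials only from the POST form and the client delivers them some other way, for example in an HTTP Basic header, which RFC 6749 section 2.3.1 also allows. The Go sketch below is an added example, not WriteFreely or GotoSocial code: the handler, function names and values are constructed, and whether WriteFreely sends its credentials as Basic authentication is an assumption to confirm with a request capture.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"net/url"
	"strings"
)

// tokenHandler (constructed) reads client credentials only from the POST form.
func tokenHandler(w http.ResponseWriter, r *http.Request) {
	if r.PostFormValue("client_id") == "" || r.PostFormValue("client_secret") == "" {
		http.Error(w, "client credentials were not set in the token request form", http.StatusBadRequest)
		return
	}
	fmt.Fprint(w, `{"access_token":"constructed-token"}`)
}

// exchange sends an authorization_code grant. inForm=true puts the client
// credentials in the body; false sends them as HTTP Basic (RFC 6749, 2.3.1).
func exchange(endpoint, id, secret string, inForm bool) int {
	form := url.Values{"grant_type": {"authorization_code"}, "code": {"constructed-code"}}
	if inForm {
		form.Set("client_id", id)
		form.Set("client_secret", secret)
	}
	req, _ := http.NewRequest(http.MethodPost, endpoint, strings.NewReader(form.Encode()))
	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
	if !inForm {
		req.SetBasicAuth(id, secret)
	}
	resp, err := http.DefaultClient.Do(req)
	if err != nil {
		return 0
	}
	resp.Body.Close()
	return resp.StatusCode
}

// runDemo returns the status for the Basic-header and the form-body variants.
func runDemo() (basic, form int) {
	srv := httptest.NewServer(http.HandlerFunc(tokenHandler))
	defer srv.Close()
	return exchange(srv.URL, "id", "secret", false), exchange(srv.URL, "id", "secret", true)
}

func main() {
	fmt.Println(runDemo()) // Basic-header status, then form-body status
}
```

The same credentials are rejected or accepted depending only on where they travel in the request, so an interoperability fix can land on either side: the client can add the form fields, or the server can also accept the Basic header.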
