Summary
Mattermost shows error “Bad response from token request” while thying to authenticate through Gitlab
Steps to reproduce
Install gitlab 11.8.0-rc8 from source on one server, install latest Mattermost on another. Configure them accordind to the guides, try to login with Gitlab
Expected behavior
Succesfull authentication in mattermost with Gitlab user account.
Observed behavior
We have Gitlab 11.8.0-rc8 installed from source on one server, and stand-alone Mattermost 5.9.0 on another. Both are configured according to guide on mattermost site. But when i press “Sign in with Gitlab” button i at first i’m redirected to Gitlab, grant authorization there, and after that i see an error screen "Bad response from token request."
Gitlab logs:
production.log
Started GET "/oauth/authorize?response_type=code&client_id=1de458ac4703d588f50f86dc2fbe2193a97cd12468dcc402a825b6ba8b057cb0&redirect_uri=https%3A%2F%2Fmm.XXXXXXXX.ru%2Fsignup%2Fgitlab%2Fcomplete&state=eyJhY3Rpb24iOiJsb2dpbiIsInRva2VuIjoic3FjZGQ1Ymc0cHJ1ZHpjN3Nrb2pnaXp5c2NqZmFpbWJmZnByZDExaHBvNDFob3h1ZXczZHN4cHR5cHdwcG0zciJ9" for 127.0.0.1 at 2019-03-27 20:19:46 +0300
Processing by Oauth::AuthorizationsController#new as HTML
Parameters: {"response_type"=>"code", "client_id"=>"1de458ac4703d588f50f86dc2fbe2193a97cd12468dcc402a825b6ba8b057cb0", "redirect_uri"=>"https://mmXXXXXXXX.ru/signup/gitlab/complete", "state"=>"eyJhY3Rpb24iOiJsb2dpbiIsInRva2VuIjoic3FjZGQ1Ymc0cHJ1ZHpjN3Nrb2pnaXp5c2NqZmFpbWJmZnByZDExaHBvNDFob3h1ZXczZHN4cHR5cHdwcG0zciJ9"}
Completed 200 OK in 27ms (Views: 19.2ms | ActiveRecord: 1.9ms)
Started GET "/oauth/undefined" for 127.0.0.1 at 2019-03-27 20:19:47 +0300
Processing by ApplicationController#route_not_found as */*
Parameters: {"unmatched_route"=>"oauth/undefined"}
Completed 404 Not Found in 11ms (Views: 1.4ms | ActiveRecord: 1.2ms)
Started POST "/oauth/authorize" for 127.0.0.1 at 2019-03-27 20:19:48 +0300
Processing by Oauth::AuthorizationsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"[FILTERED]", "client_id"=>"1de458ac4703d588f50f86dc2fbe2193a97cd12468dcc402a825b6ba8b057cb0", "redirect_uri"=>"https://mm.XXXXXXXX.ru/signup/gitlab/complete", "state"=>"eyJhY3Rpb24iOiJsb2dpbiIsInRva2VuIjoic3FjZGQ1Ymc0cHJ1ZHpjN3Nrb2pnaXp5c2NqZmFpbWJmZnByZDExaHBvNDFob3h1ZXczZHN4cHR5cHdwcG0zciJ9", "response_type"=>"code", "scope"=>"api", "nonce"=>""}
Redirected to https://mm.XXXXXXXX.ru/signup/gitlab/complete?code=9934b277d8481b166c3320b359f7cbfc95ab97cd857b248781bc96a4b905406c&state=eyJhY3Rpb24iOiJsb2dpbiIsInRva2VuIjoic3FjZGQ1Ymc0cHJ1ZHpjN3Nrb2pnaXp5c2NqZmFpbWJmZnByZDExaHBvNDFob3h1ZXczZHN4cHR5cHdwcG0zciJ9
Completed 302 Found in 9ms (ActiveRecord: 1.6ms)
Started POST "/oauth/token" for 127.0.0.1 at 2019-03-27 20:19:48 +0300
Processing by Doorkeeper::TokensController#create as JSON
Parameters: {"client_id"=>"1de458ac4703d588f50f86dc2fbe2193a97cd12468dcc402a825b6ba8b057cb0", "client_secret"=>"[FILTERED]", "code"=>"[FILTERED]", "grant_type"=>"authorization_code", "redirect_uri"=>"https://backend/signup/gitlab/complete"}
Completed 401 Unauthorized in 2ms
production_json.log
{
"method": "GET",
"path": "/oauth/authorize",
"format": "html",
"controller": "Oauth::AuthorizationsController",
"action": "new",
"status": 200,
"duration": 30.04,
"view": 22.19,
"db": 1.93,
"time": "2019-03-28T08:53:28.170Z",
"params": [
{
"key": "response_type",
"value": "code"
},
{
"key": "client_id",
"value": "1de458ac4703d588f50f86dc2fbe2193a97cd12468dcc402a825b6ba8b057cb0"
},
{
"key": "redirect_uri",
"value": "https://mm.XXXXXXXX.ru/signup/gitlab/complete"
},
{
"key": "state",
"value": "eyJhY3Rpb24iOiJsb2dpbiIsInRva2VuIjoiYXc1ZThlZDYzZTMxNzFuZzdkdTZyNGFwamc3Y294NGpnZnR0c3NteXp5cnFhZXhiOHB6OXFpbzlodGVpa3lyNCJ9"
}
],
"remote_ip": null,
"user_id": null,
"username": null,
"ua": null,
"correlation_id": "AcjHeW1h94"
}
{
"method": "GET",
"path": "/oauth/undefined",
"format": "*/*",
"controller": "ApplicationController",
"action": "route_not_found",
"status": 404,
"duration": 11.11,
"view": 1.11,
"db": 2.04,
"time": "2019-03-28T08:53:28.582Z",
"params": [
{
"key": "unmatched_route",
"value": "oauth/undefined"
}
],
"remote_ip": "10.10.1.56",
"user_id": 84,
"username": "XXXXX",
"ua": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:66.0) Gecko/20100101 Firefox/66.0",
"correlation_id": "A2JdMpVsB13"
}
{
"method": "POST",
"path": "/oauth/authorize",
"format": "html",
"controller": "Oauth::AuthorizationsController",
"action": "create",
"status": 302,
"duration": 10.07,
"view": 0,
"db": 2.07,
"location": "https://mm.XXXXXX.ru/signup/gitlab/complete",
"time": "2019-03-28T08:53:29.386Z",
"params": [
{
"key": "utf8",
"value": "✓"
},
{
"key": "authenticity_token",
"value": "[FILTERED]"
},
{
"key": "client_id",
"value": "1de458ac4703d588f50f86dc2fbe2193a97cd12468dcc402a825b6ba8b057cb0"
},
{
"key": "redirect_uri",
"value": "https://mm.XXXXX.ru/signup/gitlab/complete"
},
{
"key": "state",
"value": "eyJhY3Rpb24iOiJsb2dpbiIsInRva2VuIjoiYXc1ZThlZDYzZTMxNzFuZzdkdTZyNGFwamc3Y294NGpnZnR0c3NteXp5cnFhZXhiOHB6OXFpbzlodGVpa3lyNCJ9"
},
{
"key": "response_type",
"value": "code"
},
{
"key": "scope",
"value": "api"
},
{
"key": "nonce",
"value": ""
}
],
"remote_ip": null,
"user_id": null,
"username": null,
"ua": null,
"correlation_id": "r2jixRPrzJ3"
}
{
"method": "POST",
"path": "/oauth/token",
"format": "json",
"controller": "Doorkeeper::TokensController",
"action": "create",
"status": 401,
"duration": 3.4,
"view": 0,
"time": "2019-03-28T08:53:29.431Z",
"params": [
{
"key": "client_id",
"value": "1de458ac4703d588f50f86dc2fbe2193a97cd12468dcc402a825b6ba8b057cb0"
},
{
"key": "client_secret",
"value": "[FILTERED]"
},
{
"key": "code",
"value": "[FILTERED]"
},
{
"key": "grant_type",
"value": "authorization_code"
},
{
"key": "redirect_uri",
"value": "https://backend/signup/gitlab/complete"
}
],
"remote_ip": null,
"user_id": null,
"username": null,
"ua": null,
"correlation_id": "1qErLiNqBZ6"
}