Wrong method to fetch token for openID connect

[Lichtjaeger]

• Gitea version (or commit ref): 1.2.0-rc1
• Git version: 2.14.1
• Operating system: Windows 10
• Database (use [x]):
  • PostgreSQL
  • MySQL
  • MSSQL
  • SQLite
• Can you reproduce the bug at https://try.gitea.io:
  • Yes (provide example URL)
  • No
  • Not relevant
• Log:

2017/08/29 10:40:12 [I] Log Mode: File(Info)
2017/08/29 10:40:12 [I] XORM Log Mode: File(Info)
2017/08/29 10:40:12 [I] Cache Service Enabled
2017/08/29 10:40:12 [I] Session Service Enabled
2017/08/29 10:40:13 [I] Git Version: 2.14.1
2017/08/29 10:40:13 [I] SQLite3 Supported
2017/08/29 10:40:13 [I] Run Mode: Production
2017/08/29 10:40:13 [I] Listen: http://0.0.0.0:3000
2017/08/29 10:40:35 [...routers/user/auth.go:409 handleOAuth2SignIn()] [E] UserSignIn: oauth2: cannot fetch token: 405 Method Not Allowed
Response: {"error":"invalid_request","error_description":"method not allowed"}

Description

Hi, I try to implement an openID connect Login with oidc-provider for Node.js.

But I get "method not allowed" errors if I test this solution. I opened an Issue at the provider page ( panva/node-oidc-provider#150 ) and the answer was, that the client used the wrong method to request the token.

[panva]

Hi, I am maintaining oidc-provider.

method not allowed is returned in cases where a route only responds to certain HTTP methods(verbs), in this case a POST for a token_endpoint, but other method is encountered.

[lunny]

From the log, it seems you are try to use OAuth2 login but not OpenID connect ?

[panva]

From an authorization_code flow perspective the two are the same (only in OIDC you must request the openid scope). Either way, the token_endpoint request must use a POST, does it?

[Lichtjaeger]

Here are my settings:

And the "/.well-known/openid-configuration.json":
openid-configuration.zip

[Lichtjaeger]

No improvement in Gitea v1.2.0-rc2.

[lunny]

@strk maybe you can see this?

[Lichtjaeger]

No improvement in Gitea v1.2.0-rc3.

[Lichtjaeger]

No improvement in Gitea v1.2.0. #618 still doesn't work for me.

[Lichtjaeger]

No improvement in Gitea v1.3.0-rc1.

[Lichtjaeger]

No improvement in Gitea v1.3.2.

@strk please state something.

[strk]

Sorry but I'm not involved in OpenID Connect consumer code at all. I did OpenID-2.0 one. The OpenID Connect code, as far as I can tell, was added by @willemvd in commit 950f2e2 via #1010

Willem, can you help here ?

[strk]

@Lichtjaeger re "#618 still doesn't work for me." you mean you don't haven an OpenID-2.0 server to use against, right ? Or file a separate issue if OpenID-2.0 is also not working for you, against a valid server.

[Lichtjaeger]

you mean you don't haven an OpenID-2.0 server to use against, right ? Or file a separate issue if OpenID-2.0 is also not working for you, against a valid server.

Sorry, I was looking for a reference to my problem and only found this. Yes, I don't have an OpenID-2.0 Server. I tried to use OpenID connect from the start.

[willemvd]

@Lichtjaeger have you also configured the yammer provider? This error message is only displayed when using the yammer provider (https://github.com/markbates/goth/search?q=%22cannot+fetch+token%22&type=)
Looks like the error message returned from the library is not correct