Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Failed to finish oauth #9597

Closed
3 tasks done
jozbe opened this issue May 19, 2024 · 6 comments
Closed
3 tasks done

Failed to finish oauth #9597

jozbe opened this issue May 19, 2024 · 6 comments

Comments

@jozbe
Copy link

jozbe commented May 19, 2024

The bug

I'm using v1.103.1 in docker with Cloudflare tunnel and Cloudflare Authentication. It was working 2 days ago but now It says Failed to finish oauth. in web view.

The mobil view doesn't even bring up the oauth option regardless the uri redirection found in another.

The OS that Immich Server is running on

Docker

Version of Immich Server

v1.103.1

Version of Immich Mobile App

v1.105.0

Platform with the issue

  • Server
  • Web
  • Mobile

Your docker-compose.yml content

#
# WARNING: Make sure to use the docker-compose.yml of the current release:
#
# https://github.com/immich-app/immich/releases/latest/download/docker-compose.yml
#
# The compose file on main may not be compatible with the latest release.
#

name: immich

services:
  immich-server:
    container_name: immich_server
    image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}
    command: ['start.sh', 'immich']
    volumes:
      - ${UPLOAD_LOCATION}:/usr/src/app/upload
      - /etc/localtime:/etc/localtime:ro
    env_file:
      - .env
    ports:
      - 2283:3001
    depends_on:
      - redis
      - database
    restart: always


  immich-microservices:
    container_name: immich_microservices
    image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}
    # extends: # uncomment this section for hardware acceleration - see https://immich.app/docs/features/hardware-transcoding
    #   file: hwaccel.transcoding.yml
    #   service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding
    command: ['start.sh', 'microservices']
    volumes:
      - ${UPLOAD_LOCATION}:/usr/src/app/upload
      - /etc/localtime:/etc/localtime:ro
    env_file:
      - .env
    depends_on:
      - redis
      - database
    restart: always


  immich-machine-learning:
    container_name: immich_machine_learning
    # For hardware acceleration, add one of -[armnn, cuda, openvino] to the image tag.
    # Example tag: ${IMMICH_VERSION:-release}-cuda
    image: ghcr.io/immich-app/immich-machine-learning:${IMMICH_VERSION:-release}
    # extends: # uncomment this section for hardware acceleration - see https://immich.app/docs/features/ml-hardware-acceleration
    #   file: hwaccel.ml.yml
    #   service: cpu # set to one of [armnn, cuda, openvino, openvino-wsl] for accelerated inference - use the `-wsl` version for WSL2 where applicable
    volumes:
      - model-cache:/cache
    env_file:
      - .env
    restart: always


  redis:
    container_name: immich_redis
    image: registry.hub.docker.com/library/redis:6.2-alpine@sha256:84882e87b54734154586e5f8abd4dce69fe7311315e2fc6d67c29614c8de2672
    restart: always


  database:
    container_name: immich_postgres
    image: registry.hub.docker.com/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0
    environment:
      POSTGRES_PASSWORD: ${DB_PASSWORD}
      POSTGRES_USER: ${DB_USERNAME}
      POSTGRES_DB: ${DB_DATABASE_NAME}
    volumes:
      - ${DB_DATA_LOCATION}:/var/lib/postgresql/data
    restart: always


volumes:
  model-cache:

Your .env content

# You can find documentation for all the supported env variables at https://immich.app/docs/install/environment-variables

# The location where your uploaded files are stored
UPLOAD_LOCATION=./library
# The location where your database files are stored
DB_DATA_LOCATION=./postgres

# The Immich version to use. You can pin this to a specific version like "v1.71.0"
IMMICH_VERSION=release

# Connection secret for postgres. You should change it to a random password
DB_PASSWORD=<password>

# The values below this line do not need to be changed
###################################################################################
DB_USERNAME=postgres
DB_DATABASE_NAME=immich

Reproduction steps

I press login with oauth
Enter the code from email
The error is shown in the UI and server log as well.

Relevant log output

`[Nest] 7  - 05/19/2024, 9:46:43 AM   ERROR [OPError: expected 200 OK, got: 302 Found
    at processResponse (/usr/src/app/node_modules/openid-client/lib/helpers/process_response.js:41:11)
    at Client.grant (/usr/src/app/node_modules/openid-client/lib/client.js:1354:22)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
    at async Client.callback (/usr/src/app/node_modules/openid-client/lib/client.js:493:24)
    at async AuthService.getOAuthProfile (/usr/src/app/dist/services/auth.service.js:221:28)
    at async AuthService.callback (/usr/src/app/dist/services/auth.service.js:154:25)
    at async OAuthController.finishOAuth (/usr/src/app/dist/controllers/oauth.controller.js:39:22)] Failed to finish oauth
[Nest] 7  - 05/19/2024, 9:46:43 AM   ERROR [OPError: expected 200 OK, got: 302 Found
    at processResponse (/usr/src/app/node_modules/openid-client/lib/helpers/process_response.js:41:11)
    at Client.grant (/usr/src/app/node_modules/openid-client/lib/client.js:1354:22)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
    at async Client.callback (/usr/src/app/node_modules/openid-client/lib/client.js:493:24)
    at async AuthService.getOAuthProfile (/usr/src/app/dist/services/auth.service.js:221:28)
    at async AuthService.callback (/usr/src/app/dist/services/auth.service.js:154:25)
    at async OAuthController.finishOAuth (/usr/src/app/dist/controllers/oauth.controller.js:39:22)] OPError: expected 200 OK, got: 302 Found`

Additional information

No response
@bo0tzz
Copy link
Member

bo0tzz commented May 19, 2024

What is the oauth issuer url you configured?

@jozbe
Copy link
Author

jozbe commented May 19, 2024

I'm using the one Cloudflare provided me in the Issuer field

@bo0tzz
Copy link
Member

bo0tzz commented May 19, 2024

Have you looked at this guide? #8299

@jozbe
Copy link
Author

jozbe commented May 19, 2024
edited

Yes, I've set it up based on the linked thread.

The mentioned issue is appearing at my side as well. (iOS app shows only email/pass, no option for oauth)

In the meanwhile I've recreated the Cloudflare application which handles authentication and it solved the error.

@bo0tzz bo0tzz closed this as completed May 19, 2024
@jozbe
Copy link
Author

jozbe commented May 20, 2024

@bo0tzz The mobile app doesn't show up Login with OAuth. I've tried it with the mobil redirect uri, but doesn't solved the issue.

@gregeeh
Copy link

gregeeh commented May 22, 2024

I'm getting this error in Immich Server also.

Would be great if someone could shine the light on a solution.

TIA

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@bo0tzz @jozbe @gregeeh