Join the conversation

Sign in to join this conversation, and others like it, in the communities you care about.

Wekan

Wekan is an open-source kanban board (Trello like) which allows a card-based task and to-do management.

Wekan / Bugs

Connect wekan by OAuth2

Connect wekan by OAuth2

Wekan / Bugs · June 13, 2019 at 10:03am

Hi guys !

I’m trying to use OAuth2 on wekan, installed by snap on ubuntu 18.04, to manage my authentications.

I’m not using the rocketChat server, I’m using mine with the rocketchat-oaut2-server package (https://github.com/RocketChat/rocketchat-oauth2-server)

I’ve already 2 OAuth clients connected on my app, so, I guess I didn’t code too many mystakes.

I followed the wekan documentation, this is my auth.sh:

sudo snap set wekan oauth2-enabled='true'
sudo snap set wekan oauth2-client-id='8JjSy8GyRBZNjhGeR'
sudo snap set wekan oauth2-secret='I7WO8AcW4etP14mWf8J6wJ-TiJUJds82ZcR6O5UC2S7'
sudo snap set wekan oauth2-server-url='http://localhost:3000/'
sudo snap set wekan oauth2-auth-endpoint='oauth/authorize'
sudo snap set wekan oauth2-userinfo-endpoint='oauth/userinfo'
sudo snap set wekan oauth2-token-endpoint='oauth/token'
sudo snap set wekan oauth2-id-map='id'
sudo snap set wekan oauth2-username-map='firstName'
sudo snap set wekan oauth2-fullname-map='lastName'
sudo snap set wekan oauth2-email-map='email'

I changed the map because I’m sending a id, firstName, lastName and email with my server. I can click on the Oidc button, connect myself on my server, but when it comes back to wekan, I’m not logged, it says “internal server error”

So, this is my server logs:

[OAuth2Server] GET /oauth/authorize?loginStyle=popup&client_id=8JjSy8GyRBZNjhGeR&response_type=code&redirect_uri=http%3A%2F%2Flocalhost%3A4000%2F_oauth%2Foidc&state=eyJsb2dpblN0eWxlIjoicG9wdXAiLCJjcmVkZW50aWFsVG9rZW4iOiJzaDJGMUJvbkU3cFRuNWxwZ01Db0E4bXhxZXhPWVVrdnVPV29INU1RWHJDIiwiaXNDb3Jkb3ZhIjpmYWxzZX0%3D&scope=%27openid%20profile%20email%27
[OAuth2Server] POST /oauth/authorize?loginStyle=popup&client_id=8JjSy8GyRBZNjhGeR&response_type=code&redirect_uri=http%3A%2F%2Flocalhost%3A4000%2F_oauth%2Foidc&state=eyJsb2dpblN0eWxlIjoicG9wdXAiLCJjcmVkZW50aWFsVG9rZW4iOiJzaDJGMUJvbkU3cFRuNWxwZ01Db0E4bXhxZXhPWVVrdnVPV29INU1RWHJDIiwiaXNDb3Jkb3ZhIjpmYWxzZX0%3D&scope=%27openid%20profile%20email%27
[OAuth2Server] POST /oauth/authorize?loginStyle=popup&client_id=8JjSy8GyRBZNjhGeR&response_type=code&redirect_uri=http%3A%2F%2Flocalhost%3A4000%2F_oauth%2Foidc&state=eyJsb2dpblN0eWxlIjoicG9wdXAiLCJjcmVkZW50aWFsVG9rZW4iOiJzaDJGMUJvbkU3cFRuNWxwZ01Db0E4bXhxZXhPWVVrdnVPV29INU1RWHJDIiwiaXNDb3Jkb3ZhIjpmYWxzZX0%3D&scope=%27openid%20profile%20email%27
[OAuth2Server] in getClient (clientId: 8JjSy8GyRBZNjhGeR , clientSecret: null )
[OAuth2Server] in saveAuthCode (code: d489f3ff6ad4a3d6ed3a8561001b5e00d70f0a5e , clientId: 8JjSy8GyRBZNjhGeR , expires: 2019-06-13T08:47:55.243Z , user: { id: 'YsjJWSoyauSx4aLbC' } )
[OAuth2Server] POST /oauth/token
[OAuth2Server] in getClient (clientId: 8JjSy8GyRBZNjhGeR , clientSecret: I7WO8AcW4etP14mWf8J6wJ-TiJUJds82ZcR6O5UC2S7 )
[OAuth2Server] in grantTypeAllowed (clientId: 8JjSy8GyRBZNjhGeR , grantType: authorization_code)
[OAuth2Server] in getAuthCode (authCode: d489f3ff6ad4a3d6ed3a8561001b5e00d70f0a5e)
[OAuth2Server] in saveAccessToken (token: c72b203226e13995c0ecb91b353723db0f35572e , clientId: 8JjSy8GyRBZNjhGeR , user: { id: 'YsjJWSoyauSx4aLbC' } , expires: 2019-06-13T09:47:25.306Z )
[OAuth2Server] in saveRefreshToken (token: 8c5e60ad7838a2595047705bba7262927db370d1 , clientId: 8JjSy8GyRBZNjhGeR , user: { id: 'YsjJWSoyauSx4aLbC' } , expires: 2019-06-27T08:47:25.306Z )
[OAuth2Server] in getAccessToken (bearerToken: c72b203226e13995c0ecb91b353723db0f35572e )

And the wekan logs:

wekan.wekan[21628]: firstName: 'noFirstName',
wekan.wekan[21628]: lastName: 'noLastName' }
wekan.wekan[21628]: XXX: userinfo: { id: 'YsjJWSoyauSx4aLbC',
wekan.wekan[21628]: username: '[email protected]',
wekan.wekan[21628]: email: '[email protected]',
wekan.wekan[21628]: firstName: 'noFirstName',
wekan.wekan[21628]: lastName: 'noLastName' }
wekan.wekan[21628]: {"line":"431","file":"oauth.js","message":"Error in OAuth Server: Cannot use 'in' operator to search for '[]' in null","time":{"$date":1560415645517},"level":"warn"}
2019-06-13T08:47:25Z wekan.wekan[21628]: Exception while invoking method 'login' { stack: 'TypeError: Cannot use \'in\' operator to search for \'[]\' in null\n at packages/underscore.js:894:15\n at Array.forEach (<anonymous>)\n at _.each._.forEach (packages/underscore.js:139:11)\n at Function._.pick (packages/underscore.js:893:5)\n at Object.handleOauthRequest (packages/wekan-oidc.js:48:20)\n at OAuth._requestHandlers.(anonymous function) (packages/oauth2.js:27:31)\n at middleware (packages/oauth.js:203:5)\n at packages/oauth.js:176:5',
2019-06-13T08:47:25Z wekan.wekan[21628]: source: 'method' }

I don’t know if the bug come from my configuration, my server or wekan ><

Does anybody have an idea please ? :)


June 13, 2019 at 12:14pm

It's Wekan bug. I will release new Wekan version today or tomorrow with a fix for that, we can then try does it work then.

    • reply
    • like

    Hi Lauri! Thank you for your answer, I'll wait the fix and try again ;-)

      Edited
      • reply
      • like

      June 13, 2019 at 6:16pm

      to update, type: sudo snap refresh

        like-fill
        1
        • reply
        • like

        And try does it work now

          • reply
          • like

          June 14, 2019 at 8:11am

          It works! Thank you very much Lauri.

            like-fill
            1
            • reply
            • like