Eclipse che authentication using GitLab -> Callback URL is invalid

[AkramMulani]

Summary

I have changed the configuration for networking.auth to authenticate using GitLab.

As per the changes, configuration applied successfully, but the issue I encountered that is:
Invalid callback URI. Just after successfully authenticating by GitLab

Relevant information

I have changed the configuration for networking.auth to authenticate using GitLab.

configurations:

spec.networking.auth.identityProviderURL: https://gitlab.com # the actual gitlab provider
spec.networking.auth.oAuthClientName: < your-oauth-client-name > # client name/id
spec.networking.auth.oAuthSecret: < your-oauth-client-secret > # client secret

As per the changes, configuration applied successfully, but the issue I encountered that is:
Invalid callback URI. Just after successfully authenticating by GitLab

So I request everyone, if anyone know the callback URI after the authentication success?

[tolusha]

Hello @AkramMulani
Please follow these guides for installing and configuring Che.

[1] https://eclipse.dev/che/docs/stable/administration-guide/installing-che/
[2] https://eclipse.dev/che/docs/stable/administration-guide/configuring-oauth-for-git-providers/

[AkramMulani]

Hello @tolusha

I have already gone through the mentioned documentation, but my question is regarding the user authentication in dashboard, like by default there is "Dex" and I wanted to replace it by GitLab. So I think we can configure it in CheCluster custom resources.

I had change that identity provider with GitLab one.

And It's working, I can now sign in using GitLab.

But again in the second document you provided, about OAuth for GitLab,

1. Create new Application with following :

• Name
• Redirect callback URL
• Check boxes

2. Save the Id and Secretes

In this the redirect callback URL is given in documentation:
https://che-host/api/oauth/callback

But when I gave this url, in the dashboard's login page, after the sign in success, I got the error page of GitLab with message "Invalid callback URL".

So I wondering if there is any other callback URL provided in Eclipse che that after successfully sign in it will redirect to it.

I have also tried with following, but the same result I found:

1. https://che-host/callback
2. https://che-host/dashboard/

I'll share snapshots also.

Any highlights in this?

[tolusha]

Hello @AkramMulani
To be honest, I haven't tried to configure GitLab as OIDC. Which doc did you follow?
Maybe I will have some idea.

[AkramMulani]

Hello @tolusha

I followed official documentation for CheCluster custom resources.

https://eclipse.dev/che/docs/stable/administration-guide/checluster-custom-resource-fields-reference/

Firstly I got the custom resources for che from kubectl configurations, "checluster.yaml".

By following the "auth options" table in documentation I have just changed the following tags:
identityProviderURL - gitlab provider url
oAuthClientName - gitlab application client id
oAuthSecret - gitlab application client secret

[tolusha]

The fields below are used to configure OIDC provider, not a git provider.
'oAuthSecret'
'oAuthClientName'
'identityProviderURL'

[AkramMulani]

Ok so any inputs from your side regarding how to configure custom authentication by gitlab/github

[tolusha]

I think, the only way is to confiure OIDC (like dex) to work with gitlab.
For instance https://dexidp.io/docs/connectors/gitlab/

[huonguyenlt]

I had change that identity provider with GitLab one.

And It's working, I can now sign in using GitLab.

@AkramMulani as I understand, you have successfully sign in with gitlab? Can you share me your setup. I am having the same issue with your initial issue that after login to gitlab it give me the error Callback URL is invalid