Mattermost Peer-to-Peer Forum

Impossible to log-in using v4/api


#1

Hi,
I post here because i didn’t find any solutions for my issues.
My mattermost configuration only accept the log-in via GitLab.
GitLab is already configured and i can log-in , create chanels, and send some messages,
but i would like my own app access to those kind of messages.
For that i planned to use these api:
https://myMattermostAdress/api/v4/users/login and post my login info :
{
“login_id”:“A_USER”,
“password”:“A_PASSWORD”
}

But it gives me these answer :

{“id”:“api.user.login.use_auth_service.app_error”,“message”:“Please sign in using gitlab”,“detailed_error”:"",“request_id”:“89erzzp3c7ngbkpf9wcbrrt1do”,“status_code”:400}

And i don’t know how to solve it. I specify that i read all the api’s documentation concerning OAuth but that doesn’t help me…
So i ask for your help because i’m stuck and this is very frustrating.

Thanks in advance, Alexandre


#2

Are you using a regular user to login or a user thru gitlab? I think there was an issue of not being able to use the API authenticating with gitlab credentials, so try using a localuser.

EDIT:

OK, found it, check this https://gitlab.com/gitlab-org/omnibus-gitlab/issues/2339


#3

I am currently using a gitlab user, and i can’t use a local account because it would create a security flew?
I’ll take a look at this post! thanks

EDIT : that didn’t help me…


#4

So here what i’ve tried to do this morning:
I looked at all the web request made when i connect successfully with the GUI and here is all the request that have been made:

https://Mattermost-Adress/api/v3/oauth/gitlab/login

https://GitLab-Adress/oauth/authorize?response_type=code&client_id=MyClientId
Seems that during the process the navigator retrieve a “location” with a “code” and a “state” :

Server "nginx"
Date "Tue, 01 Aug 2017 09:20:10 GMT"
Content-Type "text/html; charset=utf-8"
Content-Length "335"
Location "https://Mattermost-Adress/signup/gitlab/complete?code=b0031d83ec2f19865722f2f4f689862a8ec7062af16f794a869510dba848759e&state=eyJhY3Rpb24iOiJsb2dpbiIsImhhc2giOiI1ZTIwZmNmODdlMzMyY2RiYTQzMWIzYjBjODNiMmExZjFiMDYwY2Q0MmI1NDBjODVkNWE5MGM4NGYzMTZmODRjIn0%3D"
Cache-Control “no-cache”

And then get the final url with the code and the state :

https://Mattermost-Adress/signup/gitlab/complete?code=b0unZCf0dKLA/yGx4aCnQETey/39KJOzQzcGr5OtSvgCjei11UWhCezqKxn8kBj1HMxnQL8geSvovqxA==&state=eyJhY3Rpb24iOiJsb2dpbiIsImhhc2giOiI1ZTIwZmNmODdlMzMyY2RiYTQzMWIzYjBjODNiMmExZjFiMDYwY2Q0MmI1NDBjODVkNWE5MGM4NGYzMTZmODRjIn0=

And in the response get this in the header:
Server "nginx"
Date "Tue, 01 Aug 2017 09:20:10 GMT"
Content-Type "application/json"
Content-Length "75"
Location "https://Mattermost-Adress"
Expires "0"
Set-Cookie "MMAUTHTOKEN=Something; Path=/; Expires=Thu, 31 Aug 2017 09:20:10 GMT; Max-Age=2592000; HttpOnly; SecureMMUSERID=Something; Path=/; Expires=Thu, 31 Aug 2017 09:20:10 GMT; Max-Age=2592000; Secure"
token "a token"
But when i try to do this manually i get this error : "{“id”:“api.user.authorize_oauth_user.bad_token.app_error”,“message”:“Bad token type”,“detailed_error”:"",“request_id”:“ebyike946iftfgea8yjmaw91rc”,“status_code”:500}"
So my Question is : is it possible to do this manually, with my app for exemple. Because it seems that i can’t use the /v4/users/login api.


#5

Unhappily I don’t use gitlab(all I can tell is that the v4 login works with a regular user), so I will ask around and see if I can get you any feedback on this.


#6

Ok thanks :slight_smile:
I’ll continue my test, and i’ll be back if i’ve something new


#7

On another note, could you post your code for login with the API, perhaps I might spot something.


#8

Sure! Here is what i use :
on RESTClient :
Method POST URL : https://Mattermost-URL/api/v4/users/login
Body : {
“login_id”:“user”,
“password”:“pw”
}

And the answer :

{
    "id": "api.user.login.use_auth_service.app_error",
    "message": "Please sign in using gitlab",
    "detailed_error": "",
    "request_id": "zdnkdp3k6pb53g3rcwpaik53nr",
    "status_code": 400
}

Can not able to call login api
#9

You’re doing the request using the browser developer’s tool? I suppose you would need to use https://Mattermost-Adress/api/v3/oauth/gitlab/login in your case.

And from the last request you take the token and use it in your header as described in the API to acquire the data you need.


EDIT:

I Just confirmed and indeed in your specific case, you can’t use the login /api/v4/users/login from the API docs, you would have to use the https://Mattermost-Adress/api/v3/oauth/gitlab/login and follow the flow until you get the token from the header and re-use that token to process API calls.

On the further conversion Mattermost is implementing an alternative to the issue in 4.1:


#10

This is what i’ve tried to do this morning ! You can see on the message 4 that i am unable to access the token on a dev tool , but i get it easely by redirections. But my app will not do this so i have to find a way to do it ! You know how to do this?


#11

The public release date for 4.1 is August 16th, but again its already available at https://github.com/mattermost/platform if you can compile it from there, otherwise u would have to wait or manually extract the token until gitlab upgrades to that version.

And in the response get this in the header:
Server "nginx"
Date "Tue, 01 Aug 2017 09:20:10 GMT"
Content-Type "application/json"
Content-Length "75"
Location "https://Mattermost-Adress"
Expires "0"
Set-Cookie "MMAUTHTOKEN=Something; Path=/; Expires=Thu, 31 Aug 2017 09:20:10 GMT; Max-Age=2592000; HttpOnly; SecureMMUSERID=Something; Path=/; Expires=Thu, 31 Aug 2017 09:20:10 GMT; Max-Age=2592000; Secure"
token “a token”

From the above you can either extract it from the cookie MMAUTHTOKEN=token here or the token header, and use it directly to call for example /api/v4/users/me by including the header on your request Authorization: Bearer token

Once you have the token you do not need to call the login again for the expiration period of the token.


#12

Ok thanks a lot for your help , now i have this :

Status Code: 200 OK
Content-Length: 532
Content-Type: application/json
Date: Tue, 01 Aug 2017 12:36:39 GMT
Etag: 3.10.0.yddrcj7f6bnn9m1cn55qh1jwxo.1501493031649.true.true
Expires: 0
Server: nginx
X-Firefox-Spdy: h2
X-Request-Id: t1nndi6f6bgpxy8fma44es9hgh
x-version-id: 3.10.0.3.10.0.6e41ab69e5ee4422aedccb79400fbbbf.false

So i am able to continue my dev. But then the token will be different for all the users so how do my app can have the data? Because actually the only answer i have from RESTClient is

Mattermost .error-screen{font-family:'Helvetica Neue',Helvetica,Arial,sans-serif;padding-top:50px;max-width:750px;font-size:14px;color:#333;margin:auto;display:none;line-height:1.5}.error-screen h2{font-size:30px;font-weight:400;line-height:1.2}.error-screen ul{padding-left:15px;line-height:1.7;margin-top:0;margin-bottom:10px}.error-screen hr{color:#ddd;margin-top:20px;margin-bottom:20px;border:0;border-top:1px solid #eee}.error-screen-visible{display:block}

Cannot connect to Mattermost


We’re having trouble connecting to Mattermost. If refreshing this page (Ctrl+R or Command+R) does not work, please verify that your computer is connected to the internet.


To use Mattermost, please enable JavaScript.

#13

Like I said above, the solution has been implemented on Mattermost 4.1(which is supposed to come out August 16th) if you can compile and use the master github version of it, you will have access to the new endpoints that circumvent the issue you are having with gitlab, otherwise you will need to extract the information as we discussed above, until you can upgrade to 4.1

EDIT:

More specifically this is what you need to automate the process https://github.com/mattermost/mattermost-api-reference/pull/275 you can follow that if you prefer.