Mattermost, Inc.

[Solved] Gitlab Mattermost 8.0.4 SSO issue - The redirect URI included is not valid

Hi!

I’m using gitlab-ce-8.0.4-ce.1.el7.x86_64 (rpm instalaltion).

I have configured for test purposes the Mattermost on example external address, then I have changed my if from http://mattermost.mycompany.local to https://mm-one.mycompany.local.

  1. changed http to https
  2. changed DNS domain name of the service

I can run Gitlab ok, while Mattermost gives me: An error has occurred - The redirect URI included is not valid. This is happening on SSO with gitlab user database (in the begining mm was asking me to authorize the user’s request). (https://gitlab161.mycompany.local/oauth/authorize?response_type=code&client_id=483c439abcfd76580799a313fa4dd4e5ad00fdbc8640baf80a4ed8d7811ab858&redirect_uri=https%3A%2F%2Fmm-one.mycompany.local%2Fsignup%2Fgitlab%2Fcomplete&state=eyJoYXNoIjoiJDJhJDEwJHYyd1M3Z3psTUlLWVFZSGxiUm50UXU1b1NnUjZmdGg2SVJIRGxhajZKT045bW8vWjJHZDcyIiwidGVhbSI6Imp3N2Q2NXl6N3ByYXQ4dWR1c3d1aHhzb2RlIn0%3D )

In production.log I found:

Started GET “/oauth/authorize?response_type=code&client_id=483c439abcfd76580799a313fa4dd4e5ad00fdbc8640baf80a4ed8d7811ab858&redirect_uri=https%3A%2F%2Fmm-one.mycompany.local%2Fsignup%2Fgitlab%2Fcomplete&state=eyJoYXNoIjoiJDJhJDEwJEhuYUpYL21TNWlPUHpFV0ZGSThqRC5VaGVwRVluMFMxLzNOelNBa2JESHpqc1hHVDNnSkltIiwidGVhbSI6InF3azh5NWVhemZyeG1xaG16aTU0ZW85bzRvIn0%3D” for 127.0.0.1 at 2015-10-13 12:41:14 +0200
Processing by Oauth::AuthorizationsController#new as HTML
Parameters: {“response_type”=>“code”, “client_id”=>“483c439abcfd76580799a313fa4dd4e5ad00fdbc8640baf80a4ed8d7811ab858”, “redirect_uri”=>“https://mm-one.mycompany.local/signup/gitlab/complete”, “state”=>“eyJoYXNoIjoiJDJhJDEwJEhuYUpYL21TNWlPUHpFV0ZGSThqRC5VaGVwRVluMFMxLzNOelNBa2JESHpqc1hHVDNnSkltIiwidGVhbSI6InF3azh5NWVhemZyeG1xaG16aTU0ZW85bzRvIn0=”}
Completed 200 OK in 232ms (Views: 205.0ms | ActiveRecord: 13.2ms)

----- Configuration -------------------------------------
mattermost_external_url 'https://mm-one.mycompany.corp
mattermost_nginx[‘redirect_http_to_https’] = true
mattermost[‘service_use_ssl’] = true
mattermost[‘email_by_pass_email’] = false
mattermost[‘email_smtp_server’] = “localhost:25"
mattermost[‘email_feedback_email’] = "user@mycompany.com

PKI works fine - all issuers are in place. This is happening on IE,Egde,Firefox,Chrome.

Any clues?

Upgrade to gitlab-ce-8.1.0-ce.1.el7.x86_64 helped.

Thanks @kmazurek for the update!