Mattermost, Inc.

[SOLVED] Mattermost Gitlab - Token request failed


Getting the message “Token request failed” when i try to authorize mattermost on gitlab.

Steps to reproduce

I followed the gitlab mattermost install page, i’m runing the whole gitlab environment in dockers (using official image)

Expected behavior

Describe your issue in detail

Observed behavior

Once i try to login on my mattermost env through gitlab, It keep telling my that the Token registration as been rejected.

  1. Mattermost login page

  2. Mattermost authorization

  3. Token rejected

  4. Gitlab logs

==> /var/log/gitlab/gitlab-rails/production.log <==
Started POST "/oauth/authorize" for at 2016-12-12 08:26:34 +0000 Processing by Oauth::AuthorizationsController#create as HTML  Parameters: {"utf8"=>"✓", "authenticity_token"=>"hV5Kc5q0KRgKZNmMAh49UdGSejbajoFKCIyrPtr3WkkHTReY6tES+agMno6VZcO2b3z+r0qv0pbjJaBl/VSljw==", "client_id"=>"8ff5c2c69203be0290d8e3f1f47b23781f84a544d760833bb87618da891d49ef", "redirect_uri"=>"", "state"=>"eyJhY3Rpb24iOiJsb2dpbiIsImhhc2giOiIkMmEkMTAkV3lyOFBCNVliS05MMEJwMVZSS1BOZXJEanB2emhpR1l3YWc0NHlaaC96c252aVk5YUJFRW0ifQ==", "response_type"=>"code", "scope"=>"api"} Redirected to Completed 302 Found in 85ms (ActiveRecord: 16.0ms)

==> /var/log/gitlab/gitlab-workhorse/current <==
2016-12-12_08:26:34.73912 - - [2016-12-12 08:26:34.63540592 +0000 UTC] "POST /oauth/authorize HTTP/1.1" 302 326 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.99 Safari/537.36" 0.103534

==> /var/log/gitlab/mattermost/current <==
2016-12-12_08:26:34.83189 [2016/12/12 08:26:34 UTC] [EROR] /signup/gitlab/complete:AuthorizeOAuthUser code=500 rid=e95id3iwztfrzdkbqk5es959ew uid= Token request failed [details: Post dial tcp getsockopt: connection refused]

==> /var/log/gitlab/mattermost/mattermost.log <==
[2016/12/12 08:26:34 UTC] [EROR] /signup/gitlab/complete:AuthorizeOAuthUser code=500 rid=e95id3iwztfrzdkbqk5es959ew uid= Token request failed [details: Post dial tcp getsockopt: connection refused]

  1. Gitlab config
mattermost_external_url ''
mattermost['enable'] = true
mattermost['service_use_ssl'] = true
mattermost_nginx['ssl_certificate'] = "/etc/letsencrypt/live/"
mattermost_nginx['ssl_certificate_key'] = "/etc/letsencrypt/live/"
mattermost['service_use_ssl'] = true
mattermost['service_address'] = ""
mattermost['service_port'] = "8065"
mattermost['service_enable_incoming_webhooks'] = true
mattermost['service_enable_outgoing_webhooks'] = true
mattermost['service_enable_oauth_service_provider'] = true
mattermost['team_site_name'] = "Mattermost"
mattermost['team_enable_team_creation'] = true
mattermost['team_enable_user_creation'] = true
mattermost['team_allow_public_link'] = true
mattermost['gitlab_enable'] = true
mattermost['gitlab_secret'] = "f34a8493af9eb0f060ed767c308f890eae56a9d93e52e13e3310b502dd3f6ebe"
mattermost['gitlab_id'] = "8ff5c2c69203be0290d8e3f1f47b23781f84a544d760833bb87618da891d49ef"
mattermost['gitlab_scope'] = ""
mattermost['gitlab_auth_endpoint'] = ""
mattermost['gitlab_token_endpoint'] = ""
mattermost['gitlab_user_api_endpoint'] = ""
mattermost['email_enable_sign_up_with_email'] = true
mattermost['service_enable_insecure_outgoing_connections'] = true

I looked at every single setting again and again without success. Mail login is working.

PS: Sorry for gyazo’s link, as a new registered user, i can’"t post more than 1 image in a post, also edited links as i can only post 2 in a single post.

nobody has a clue ? :confused:

Hi @repz

By looking at the logs you posted it seems that Mattermost is not able to connect to your gitlab server Post dial tcp getsockopt: connection refused can you ensure that the docker container for Mattermost can reach the IP address above and that the port 443 is open?

1 Like

Yes it was related to ssl. Fixed it.

Hi how did you fix it pls? I have the same issue.

The option hostname: adds the /etc/hosts record 172.xx.0.x so all requests go internally bypass the reverse proxy. It’s fine for http, but when it comes to https, you are getting https://gitlab.example./oauth/token: dial tcp 172.xx.0.x:443: getsockopt: connection refused`

I kept hostname option and specified http urls in gitlab endpoints. My config:

external_url ''
nginx['listen_port'] = 80
nginx['listen_https'] = false
mattermost_external_url ''
mattermost_nginx['listen_port'] = 80
mattermost_nginx['listen_https'] = false
mattermost['gitlab_auth_endpoint'] = ""
mattermost['gitlab_token_endpoint'] = ""
mattermost['gitlab_user_api_endpoint'] = ""

I had the same issue after configuring GitLab Pages custom domains. GitLab requires using separate IPs for GitLab and GitLab Pages if custom domains are enabled, therefore we changed the configuration from

nginx['listen_addresses'] = ["", "[::]"]


nginx['listen_addresses'] = ["our_public_ipv4_ip", "[our_public_ipv6_ip]"]

Afterwards we got the token request failed error message because our /etc/hosts file contains an entry and there was no webserver listening on anymore.

We fixed this by changing the configuration to

nginx['listen_addresses'] = ["", "[::1]", "", "our_public_ipv4_ip", "[our_public_ipv6_ip]"]

(I also added and [::1], just to be sure.)