Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

404 After Logging into Decap #7172

Closed
peterstory opened this issue Apr 10, 2024 · 8 comments · Fixed by #7242
Closed

404 After Logging into Decap #7172

peterstory opened this issue Apr 10, 2024 · 8 comments · Fixed by #7242
Labels
area: extensions/backends/gitlab type: bug code to address defects in shipped code

Comments

@peterstory
Copy link

Describe the bug
After logging into Decap, I get a "404 Project Not Found" error.

To Reproduce

  1. Load https://trinityworc.gitlab.io/admin/
  2. Click "Login with GitLab"
  3. Authorize the application

Expected behavior
The Decap CMS GUI should load.

Screenshots
I'm stuck at "Logging in..."
Screenshot 2024-04-10 at 3 08 54 PM

Applicable Versions:

  • Decap CMS version: ^3.1.2 (so I assume the latest version?)
  • Git provider: GitLab
  • OS: macOS
  • Browser version: Safari 17.3.1

CMS configuration
https://trinityworc.gitlab.io/admin/config.yml

Additional context
Console errors:

[Error] Failed to load resource: the server responded with a status of 404 () (trinityworc/trinityworc.gitlab.io, line 0)
[Error] API_ERROR: 404 Project Not Found
	(anonymous function) (decap-cms.js:393:16206)

This request was successful:

Request
:method: GET
:scheme: https
:authority: gitlab.com
:path: /api/v4/projects/trinityworc%2Ftrinityworc.gitlab.io
Accept: */*
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Authorization: Bearer 44af145562 (TRUNCATED)
Cache-Control: max-age=0
Connection: keep-alive
Host: gitlab.com
Origin: https://trinityworc.gitlab.io
Referer: https://trinityworc.gitlab.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.1.15

This request gave a 404:

Request
:method: GET
:scheme: https
:authority: gitlab.com
:path: /api/v4/projects/trinityworc%2Ftrinityworc.gitlab.io
Accept: */*
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Authorization: token 44af145562 (TRUNCATED)
Cache-Control: max-age=0
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Host: gitlab.com
If-None-Match: W/"e7f905f7124af22dde92440cfb4b51fb"
Origin: https://trinityworc.gitlab.io
Referer: https://trinityworc.gitlab.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.1.15
@peterstory peterstory added the type: bug code to address defects in shipped code label Apr 10, 2024
@shannonphillipl
Copy link

shannonphillipl commented Apr 17, 2024
edited
Loading

+1, seeing exactly the same behavior.

The request to GitLab 404s. When I make the same exact request (using cURL) and change the Authorization header by replacing "token" with "Bearer," the request succeeds.

@Marcyoyo
Copy link

+2 can confirm - same issue with a self-hosted gitlab instance.

@martinjagodic
Copy link
Member

Does login work on your setups with any of the previous versions of Decap?

@peterstory
Copy link
Author

@martinjagodic I hardcoded the version to 3.1.2, and I logged in without issue. So it seems there was a regression.

@martinjagodic
Copy link
Member

@peterstory 3.1.2 is the version you mentioned in the original comment as the one with the problem. The latest is 3.1.10. If you have some time, could you check which versions have the problem and which don't? So we can identify the culprit more easily.

@peterstory
Copy link
Author

To clarify, when I opened the issue my admin page used this URL:
https://cdn.jsdelivr.net/npm/decap-cms@^3.1.2/dist/decap-cms.js
Following the URL and searching the source code shows that: version:"decap-cms@3.1.10"

Then, I edited the URL to be:
https://cdn.jsdelivr.net/npm/decap-cms@3.1.2/dist/decap-cms.js
Which of course has: version:"decap-cms@3.1.2"

So I have the error with 3.1.10, and I don't have the error with 3.1.2.

@robinkruyt
Copy link

I'm having the same problem using "the latest version", when reverting to specific 3.1.2 the problem no longer exists. Using gitlab.com

@b-xb
Copy link

b-xb commented Jun 22, 2024
edited
Loading

Was being driven mad by this issue today.

I found the exact piece of code that is causing the issue....

At the following link you can see a piece of code was introduced that calls getDefaultBranchName()

decap-cms@3.1.2...main#diff-c2b33fd12ce38e1438c9c43cd2be709d291d165dd6a70dd8c4377d3a075fdad1

getDefaultBranchName() calls apiRequest()

https://github.com/decaporg/decap-cms/blob/main/packages/decap-cms-lib-util/src/API.ts#L239

apiRequest() calls constructRequestHeaders()

https://github.com/decaporg/decap-cms/blob/main/packages/decap-cms-lib-util/src/API.ts#L201C26-L201C37

constructRequestHeaders() then explicitly uses "token" instead of "Bearer" (which is what gitlab requires) causing the error to be thrown

https://github.com/decaporg/decap-cms/blob/main/packages/decap-cms-lib-util/src/API.ts#L185

This was referenced Jun 28, 2024
Merged
Merged
martinjagodic pushed a commit to jmfiaschi/decap-cms that referenced this issue Aug 1, 2024
@floscher
Change Authorization header type for API requests from "token" to "…
029e11d 
…Bearer" (decaporg#7242)

The authorization type "Bearer" is more widely recognized than "token". E.g. Gitlab requires that you use "Bearer".
This should fix decaporg#7172 where apparently login with Github was broken by this line: decaporg#7172 (comment)
See also: decaporg#5844 (comment)
martinjagodic pushed a commit that referenced this issue Aug 5, 2024
@floscher @martinjagodic
Change Authorization header type for API requests from "token" to "…
29f7f48 
…Bearer" (#7242)

The authorization type "Bearer" is more widely recognized than "token". E.g. Gitlab requires that you use "Bearer".
This should fix #7172 where apparently login with Github was broken by this line: #7172 (comment)
See also: #5844 (comment)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area: extensions/backends/gitlab type: bug code to address defects in shipped code
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix login with Gitlab (change API Authorization header "token" → "Bearer")
6 participants
@robinkruyt @peterstory @b-xb @shannonphillipl @martinjagodic @Marcyoyo