Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Error 401 when cloning a public repository with github oAuth enabled #21014

Closed
benoitf opened this issue Jan 13, 2022 · 7 comments
Closed

Error 401 when cloning a public repository with github oAuth enabled #21014

benoitf opened this issue Jan 13, 2022 · 7 comments
Labels
area/che-server kind/bug Outline of a bug - must adhere to the bug report template. severity/P1 Has a major impact to usage or development of the system.

Comments

@benoitf
Copy link
Contributor

benoitf commented Jan 13, 2022
edited
Loading

Describe the bug

If I configure github oAuth and then I try to open a link from a PUBLIC repository (example https://github.com/che-samples/java-spring-petclinic/tree/devfilev2) , I got 401 error on resolver/.che/che-theia-plugins.yaml file call

Che version

next (development version)

Steps to reproduce

  1. install che
  2. setup github oAuth by configuring a secret / https://www.eclipse.org/che/docs/next/administration-guide/configuring-authorization/#enabling-authentication-with-social-accounts-and-brokering_che
  3. start a workspace with https://che-server#https://github.com/che-samples/java-spring-petclinic/tree/devfilev2

I've a 401 error

If I import a private repository, then it works for public repository afterwards

Expected behavior

Able to start a workspace from a public repository

Runtime

OpenShift

Screenshots

No response

Installation method

chectl/next

Environment

Linux, other (please specify in additional context)

Eclipse Che Logs

No response

Additional context

No response
@benoitf benoitf added kind/bug Outline of a bug - must adhere to the bug report template. area/git area/che-server labels Jan 13, 2022
@che-bot che-bot added the status/need-triage An issue that needs to be prioritized by the curator responsible for the triage. See https://github. label Jan 13, 2022
@benoitf benoitf added the severity/P1 Has a major impact to usage or development of the system. label Jan 13, 2022
@dmytro-ndp dmytro-ndp removed the status/need-triage An issue that needs to be prioritized by the curator responsible for the triage. See https://github. label Jan 13, 2022
@mshaposhnik
Copy link
Contributor

mshaposhnik commented Jan 14, 2022
edited
Loading

Ok so that seems no be not the Che-server issue.
Explanation:

  • Step 0 We have OAuth configured, but user is not logged in yet (we have no user tokens stored)
  • Step 1 Dashboard asks for existing files (devfile.yaml, extensions.json etc) - they're accessible w/out authentication user to OAuth login; (see green oval on picture)
  • Step 2 Dashboard asks for unexisting file (/.che/che-theia-plugins.yaml) - Che server cannot know is the file is really not exists, or it is hidden by the private repo (since the GitHub responses are exactly the same) - and returns reponse that OAuth login is needed. (see red oval on picture). User must be redirected to it by dashb, but it is not. So it is seems to be a clearly Dashb issue.

image

@benoitf
Copy link
Contributor Author

benoitf commented Jan 14, 2022

but it looks strange if we're able to say that devfile exists and extensions.json exists but not for /.che/che-theia-plugins.yaml

che-server can know if repository exists (public) or not (does not exist or private)
if repository exists, if a file does not exist it's for sure a 404

@mshaposhnik
Copy link
Contributor

mshaposhnik commented Jan 14, 2022
edited
Loading

che-server can know if repository exists (public) or not (does not exist or private)

Not sure you can know this until logged in

@benoitf
Copy link
Contributor Author

benoitf commented Jan 14, 2022

anyway with #20583 even on a public repository we should use oAuth flow so it may be better to implement #20583

@benoitf
Copy link
Contributor Author

benoitf commented Jan 14, 2022

che-server can know if repository exists (public) or not (does not exist or private)

Not sure you can know this until logged in

curl https://api.github.com/repos/eclipse/che
exists and no 404

@mshaposhnik
Copy link
Contributor

Than not help much. You need to know if it;s 404 or 401 when not exists.

@benoitf
Copy link
Contributor Author

benoitf commented Jan 14, 2022

@mshaposhnik if repository exists, file does not exists = 404
if repository does not exist, then we always need to go to oAuth

in the issue example https://github.com/che-samples/java-spring-petclinicis a public repository so file not found is surely a 404

@mshaposhnik mshaposhnik mentioned this issue Jan 14, 2022
Merged
9 tasks
@skabashnyuk skabashnyuk mentioned this issue Feb 4, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/che-server kind/bug Outline of a bug - must adhere to the bug report template. severity/P1 Has a major impact to usage or development of the system.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@benoitf @dmytro-ndp @mshaposhnik @che-bot