GitHub authentication in SonarQube failing

github
authentication
(Rachana) #1
  • which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
    • SonarQube 7.3
  • what are you trying to achieve
  • GitHub authentication for SonarQube failing
  • what have you tried so far to achieve this
  • I am trying to integrate GitHub authentication with Sonarqube 7.3.

I have created a oauth app in Github and update the client id and clien secret in the sonarqube github configurations. Also, in Github I have updated the Sonarqube https url in both “Homepage URL” and “Authorization callback URL” as something like “https://sample.com/” and “https://sample.com/oauth2/callback” respectively.

I have setup apache webserver to redirect 443 port to 8080(which is configured in sonarqube). In addition to client ID and client secret following configurations are added in GitHub Sonarqube: - Enable GitHub users to login. Value is ignored if client ID - set to true - Allow users to sign-up - set to true - Login generation strategy - same as GitHub Login - The WEB url for a GitHub instance - https://github.xxx.com/

I am getting either of the below exception in the web.log. There are no errors in the sonar.log when I try to login with GitHub. Any input on this will be highly helpful. Thanks in advance!

ERROR web[AWjLlTrGoEbR6VQ0AABX][o.s.s.a.AuthenticationError] Fail to callback authentication with 'github' java.lang.IllegalStateException: Fail to execute request 'https://api.github.com/user'. HTTP code: 401, response: {"message":"Bad credentials","documentation_url":"https://developer.github.com/v3"}
    at java.lang.Thread.run(Thread.java:745)
Caused by: java.lang.StackOverflowError: null
    at java.lang.reflect.InvocationTargetException.(InvocationTargetException.java:72)
    at sun.reflect.GeneratedMethodAccessor156.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at ch.qos.logback.classic.spi.ThrowableProxy.(ThrowableProxy.java:66)
    at ch.qos.logback.classic.spi.ThrowableProxy.(ThrowableProxy.java:60)
    at ch.qos.logback.classic.spi.ThrowableProxy.(ThrowableProxy.java:72)
    at ch.qos.logback.classic.spi.ThrowableProxy.(ThrowableProxy.java:60)
    at ch.qos.logback.classic.spi.ThrowableProxy.(ThrowableProxy.java:72)
    at ch.qos.logback.classic.spi.ThrowableProxy.(ThrowableProxy.java:60)
    at ch.qos.logback.classic.spi.ThrowableProxy.(ThrowableProxy.java:72)
    at ch.qos.logback.classic.spi.ThrowableProxy.(ThrowableProxy.java:60)
(Julien Lancelot) #3

Hi @rachana

The issue seems to come from the GitHub configuration :

You should double check the client Id and the client secret.

Regards,
Julien Lancelot

1 Like
(Rachana) #4

Thanks for your response. I verified the client ID and secret ID they look good. The oauth app setting in Github was set through as my user login in Github. However, I am still unable to login with my user account when trying to authenticate through Github for logging into SonarQube.