Context
- Sonarqube: 9.2.4.50792 → https[://]sonar[.]dev[.]mycompany[.]com
- Gitlab: 13.4.3-ee → http[://]git[.]mycomany[.]com
What I am trying to achieve:
I try to delegate SonarQube authentication to Gitlab Self-Hosted.
What I’ve done:
Following the official SonarQube documentation (GitLab Integration | SonarQube Docs), I’ve created a “GitLab OAuth app”:
- Went to git.mycompany.com/admin/applications
- New Application:
- Name: SonarQube
- Redirect URI: https[://]sonar[.]dev[.]mycompany[.]com/oauth2/callback/gitlab
- Trusted: Checked
- Confidential: Checked
- Scopes: all checked, to be sure my issue was not an access issue. (I’ll tune it later)
- I have copied both Application ID and Secret to use later.
- Went to https[://]sonar[.]dev[.]mycompany[.]com/admin/settings?alm=gitlab&category=almintegration
- GitLab Authentication:
- Enabled: Yes, of course
- GitLab URL: http[://]git[.]mycomany[.]com/users/auth/gitlab/callback
- Application ID: The one given by GitLab during step 2
- Secret: The one given by GitLab during step 2
- Allow users to sign-up: Enabled
- Synchronize user groups: Enabled
- Disconnected to my admin account
- The new Log in with GitLab is well shown:
- When I clicked on this new button, I was well redirected to my GitLab instance (URL: http[://]git[.]mycomany[.]com/users/sign_in).
- I was using my GitLab credentials then clicked on “Sign in”
- I’ve got a GitLab 404 error page:
The URL was:
http://git.mycomany.com/users/auth/gitlab/callback/oauth/authorize?response_type=code&client_id=<MY_APPLICATION_ID>&redirect_uri=http%3A%2F%2Fsonar.dev.mycompany.com%3A9000%2Foauth2%2Fcallback%2Fgitlab&scope=api&state=ai1rq82joi504ggv3nc1qa0h29
The redirect_uri seems to be constructed with my sonar.properties informations (html_encoded):
"http://" + sonar.web.host + ":" sonar.web.port + "oauth2/callback/gitlab"
Investigation:
While I’m reproducing this error, I’m following (tail -f) some log files:
root@sonar.dev.mycompany.com: tail -f /var/log/httpd/*_log /var/log/message /home/sonar/sonarqube/logs/*.log
As expected, there is no information regarding the error 404 on GitLab. On my GitLab server :
root@git.mycompany.com: tail -f /var/log/httpd/*_log /var/log/message /var/log/gitlab/*/current
And a message appears:
==> /var/log/gitlab/gitlab-workhorse/current <==
{
"correlation_id":"ZUVztnRFFe9",
"duration_ms":62,
"host":"git.mycompany.com",
"level":"info",
"method":"GET",
"msg":"access",
"proto":"HTTP/1.1",
"referrer":"",
"remote_addr":"127.0.0.1:0",
"remote_ip":"127.0.0.1",
"status":404,
"system":"http",
"time":"2022-01-19T18:06:47+01:00",
"uri":"/users/auth/gitlab/callback/oauth/authorize?response_type=code\u0026client_id=<MY_APPLICATION_ID>\u0026redirect_uri=http%3A%2F%2Fsonar.dev.mycompany.com%3A9000%2Foauth2%2Fcallback%2Fgitlab\u0026scope=api\u0026state=16r2cvc196v4fj8k0rv7oprs6h",
"user_agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Edg/97.0.1072.62",
"written_bytes":28281
}
Is there anyone who can help me?
Note: In the next days, I’ll try to do my install process using Sonarqube 9.3.0.51899 and keeping the same version of GitLab EE
Note 2: Same question on stackoverflow: oauth 2.0 - SonarQube delegate authentication to GitLab fail [404 not found] - Stack Overflow
