Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OIDC group mappings don't apply at registration #26415

Closed
garymoon opened this issue Aug 9, 2023 · 3 comments
Closed

OIDC group mappings don't apply at registration #26415

garymoon opened this issue Aug 9, 2023 · 3 comments
Labels
issue/needs-feedback For bugs, we need more details. For features, the feature must be described in more detail

Comments

@garymoon
Copy link
Contributor

garymoon commented Aug 9, 2023

Description

When a new user signs in/registers via OIDC, team mappings as declared in the authentation source don't take effect on the initial login. They do apply from the second login onward.

I would speculate that it's not a race issue since I can also repro it with email validation enabled.

Using OKTA as the idp.

Gitea Version

main branch

Can you reproduce the bug on the Gitea demo site?

No

Log Gist

No response

Screenshots

No response

Git Version

No response

Operating System

No response

How are you running Gitea?

make watch

Database

PostgreSQL
@kdumontnu
Copy link
Contributor

Can you please include a brief overview of the steps to follow to reproduce this and include the gitea version number that includes the commit sha?

Also, for traceability, this functionality was first implemented in #21441

@KN4CK3R
Copy link
Member

KN4CK3R commented Aug 11, 2023

I can't reproduce the problem. I used a Keycloak test instance with an additional "groups" mapper.

Keycloak:
grafik

grafik

Gitea:
grafik

Then I opened <gitea>/user/login and used "Sign in with keycloak". This redirects to Keycloak. After the login Gitea presents the "this is your username and password" screen. After that I'm logged in into Gitea and the user has the group membership.

26415.mp4

@KN4CK3R KN4CK3R added issue/needs-feedback For bugs, we need more details. For features, the feature must be described in more detail and removed type/bug labels Aug 29, 2023
@yardenshoham yardenshoham mentioned this issue Sep 8, 2023
Merged
@garymoon
Copy link
Contributor Author

My apologies, I am not able to reproduce this locally myself :(

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Oct 28, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
issue/needs-feedback For bugs, we need more details. For features, the feature must be described in more detail
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@KN4CK3R @garymoon @kdumontnu