Error 500 on first OAuth login attempt after restart

[coolaj86]

• Gitea version (or commit ref): v1.9-dev, v1.5.1 (and earlier)
• Git version:
• Operating system: Linux
• Database (use [x]):
  • PostgreSQL
  • MySQL
  • MSSQL
  • SQLite
• Can you reproduce the bug at https://try.gitea.io:
  • Yes (provide example URL)
  • No
  • Not relevant
• Log gist:

Description

Every time I first start gitea, the very first login attempt with oauth will result in a 500 error.

It doesn't happen again even if I clear the browser application cache.

It doesn't happen again even if I revoke the oauth app and go through the oauth flow again.

I believe I can narrow it down more, but I've experienced it in production several times after upgrading and restarting. I'll have to set up a dev environment to test it and get the logs (in prod the HTTP GETs just blow everything else away pretty quickly).

[coolaj86]

Although I’ve seen this multiple times, I can’t find the right conditions to reproduce it and it’s not as simple as just restarting.

I’ll close for now and reopen later if I can reproduce.

[coolaj86]

This is still plaguing me on 1.9-dev. It looks like it's related to this error in the logs:

handleOAuth2SignIn() [E] UserSignIn: could not find a matching session for this request

[lunny]

This should be resolved by #6467

[coolaj86]

It doesn't seem to be.

[coolaj86]

See also: #3837 (comment)

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs during the next 2 weeks. Thank you for your contributions.

[benchti]

Just to notify I just had the same error
Gitea Version: 1.9.1 / Go1.11.5

[camlafit]

Hello

For information, I manage server related by @benchti , we can do any test required. Note it's now updated to 1.9.2

[noerw]

I had a similar issue still on v1.13.0-rc1 with Nextcloud OAuth2 provider at the first login with a new account.
I'll try to figure out the general conditions..

[lunny]

2021/03/24 09:36:18 ...uters/routes/base.go:36:1() [I] Started GET /user/oauth2/github/callback?code=xxxxxxxxx&state=xxxxxxxxxxxxxx for 35.221.190.49:0
2021/03/24 09:36:18 ...m.io/xorm/core/db.go:286:afterProcess() [I] [SQL] SELECT `id`, `type`, `name`, `is_actived`, `is_sync_enabled`, `cfg`, `created_unix`, `updated_unix` FROM `login_source` WHERE (name = ? and type = ? and is_actived = ?) LIMIT 1 [github 6 true] - 736.295µs
2021/03/24 09:36:18 ...m.io/xorm/core/db.go:286:afterProcess() [I] [SQL] SELECT `id`, `data`, `created_unix`, `updated_unix`, `expires_unix` FROM `oauth2_session` WHERE (id = ? AND expires_unix >= ?) LIMIT 1 [xxxxxxxxx xxxxxxxx] - 511.573µs
2021/03/24 09:36:18 routers/user/auth.go:617:handleOAuth2SignIn() [E] UserSignIn: could not find a matching session for this request
	/source/routers/user/auth.go:617 (0x1fa4605)
	/source/routers/user/auth.go:612 (0x1fa355e)
	/source/modules/web/route.go:53 (0x1f7c482)
	/usr/local/go/src/net/http/server.go:2069 (0x7bd0a3)
	/source/vendor/github.com/go-chi/chi/mux.go:436 (0x1b355aa)
	/usr/local/go/src/net/http/server.go:2069 (0x7bd0a3)
	/source/modules/web/route.go:91 (0x1f7ca16)
	/usr/local/go/src/net/http/server.go:2069 (0x7bd0a3)
	/source/modules/web/route.go:91 (0x1f7ca16)
	/usr/local/go/src/net/http/server.go:2069 (0x7bd0a3)
	/source/modules/web/route.go:91 (0x1f7ca16)
	/usr/local/go/src/net/http/server.go:2069 (0x7bd0a3)
	/source/vendor/github.com/go-chi/chi/middleware/get_head.go:37 (0x21ad441)
	/usr/local/go/src/net/http/server.go:2069 (0x7bd0a3)
	/source/modules/context/context.go:704 (0x1b517e1)
	/usr/local/go/src/net/http/server.go:2069 (0x7bd0a3)
	/source/routers/routes/base.go:94 (0x21b4a01)
	/usr/local/go/src/net/http/server.go:2069 (0x7bd0a3)
	/source/routers/routes/base.go:94 (0x21b4a01)
	/usr/local/go/src/net/http/server.go:2069 (0x7bd0a3)
	/source/modules/public/public.go:85 (0x13f38e7)
	/usr/local/go/src/net/http/server.go:2069 (0x7bd0a3)
	/source/modules/public/public.go:85 (0x13f38e7)
	/usr/local/go/src/net/http/server.go:2069 (0x7bd0a3)
	/source/routers/routes/base.go:199 (0x21b65f0)
	/usr/local/go/src/net/http/server.go:2069 (0x7bd0a3)
	/source/vendor/gitea.com/go-chi/session/session.go:256 (0x154508e)
	/usr/local/go/src/net/http/server.go:2069 (0x7bd0a3)
	/source/vendor/github.com/go-chi/chi/mux.go:70 (0x1b3310a)
	/source/vendor/github.com/go-chi/chi/mux.go:311 (0x1b394fb)
	/usr/local/go/src/net/http/server.go:2069 (0x7bd0a3)
	/source/vendor/github.com/go-chi/chi/mux.go:436 (0x1b355aa)
	/usr/local/go/src/net/http/server.go:2069 (0x7bd0a3)
	/source/routers/routes/web.go:110 (0x21b7a3d)
	/usr/local/go/src/net/http/server.go:2069 (0x7bd0a3)
	/source/routers/routes/base.go:38 (0x21b367b)
	/usr/local/go/src/net/http/server.go:2069 (0x7bd0a3)
	/source/vendor/github.com/go-chi/chi/middleware/strip.go:30 (0x21add47)
	/usr/local/go/src/net/http/server.go:2069 (0x7bd0a3)
	/source/vendor/github.com/chi-middleware/proxy/middleware.go:37 (0x21a93ae)
	/usr/local/go/src/net/http/server.go:2069 (0x7bd0a3)
	/source/routers/routes/web.go:66 (0x21b757c)
	/usr/local/go/src/net/http/server.go:2069 (0x7bd0a3)
	/source/vendor/github.com/go-chi/chi/mux.go:87 (0x1b32e90)
	/source/modules/web/route.go:267 (0x1f7b9d3)
	/source/vendor/github.com/gorilla/context/context.go:141 (0x11b2e53)
	/usr/local/go/src/net/http/server.go:2069 (0x7bd0a3)
	/usr/local/go/src/net/http/server.go:2887 (0x7c0662)
	/usr/local/go/src/net/http/server.go:1952 (0x7bbb8c)
	/usr/local/go/src/runtime/asm_amd64.s:1371 (0x47a460)
	

2021/03/24 09:36:18 ...uters/routes/base.go:45:1() [I] Completed GET /user/oauth2/github/callback?code=xxxxxxx&state=xxxxxxxx 500 Internal Server Error in 3.592015ms

[senthilrch]

I have exactly the same issue using Gitea v1.13.7:-

2021/06/22 06:30:08 routers/user/auth.go:612:handleOAuth2SignIn() [E] UserSignIn: could not find a matching session for this request

[zeripath]

I suspect it's some issue to do with the loginsources not registering their providers with gothic (or not actually completely registered by the time that it comes to login.)

I think however that the use of gothic here is probably incorrect and we should just use goth or just the providers directly ourselves.

I guess I will have a look in #16199 or after that is merged.

[jacksgt]

Hey,
I'm seeing this issue also on Gitea 1.15.11. It's exactly the same as described above, so I won't repeat all the details.
Is there any way I can help debug this issue?
(I'm familiar with Go and it's debugging tools if that helps, however don't have any knowledge about the Gitea application so I would need some pointers).

[wxiaoguang]

For this error: [E] UserSignIn: could not find a matching session for this request

Two possibilities:

1. ROOT_URL doesn't match
2. Cookie SAME_SITE = strict doens't work with external SSO #27033

I think this issue could be closed