
Laravel Socialite Gitlab 401


I have a local project where I'd like to use my GitLab credentials to log in. I am using Laravel Socialite for this and downloaded the socialiteproviders/gitlab package into my project.

In gitlab.mycompany.be, I have created an application key and a secret key, and the URIs are as follows:

http://react.test/login
http://react.test/login/gitlab/callback

I have included the providers:

'gitlab' => [
        'client_id' => env('GITLAB_KEY'),
        'client_secret' => env('GITLAB_SECRET'),
        'redirect' => env('GITLAB_REDIRECT_URI'),
        'instance_uri' => env('GITLAB_BASE_URL'),
    ],

And my LoginController looks like this:

use AuthenticatesUsers;

/**
 * Where to redirect users after login.
 *
 * @var string
 */
protected $redirectTo = '/home';

/**
 * Create a new controller instance.
 *
 * @return void
 */
public function __construct()
{
    $this->middleware('guest')->except('logout');
}

public function redirectToProvider()
{
    return Socialite::driver('gitlab')->redirect();
}

public function handleProviderCallback()
{
    $user = Socialite::driver('GitLab')->user();
    $accessTokenResponseBody = $user->accessTokenResponseBody;
    // $user->token;
}

My routes:

Route::get('/', function () {
    return view('welcome');
});

Auth::routes();

Route::get('/home', 'HomeController@index')->name('home');

Route::resource('tasks', "TaskController");

Route::get('login', 'Auth\LoginController@redirectToProvider');
Route::get('login/gitlab/callback', 'Auth\LoginController@handleProviderCallback');

What my .env looks like:

GITLAB_TOKEN=***
GITLAB_KEY=***
GITLAB_SECRET=***
GITLAB_REDIRECT_URI=http://react.test/login/gitlab/callback
GITLAB_BASE_URL=http://gitlab.mycompany.be/
GITLAB_METHOD=token
GITLAB_HOST="http://gitlab.mycompany.be/"

I am able to log in with my account from gitlab.mycompany.be, but after the redirect I am getting the following message:

GuzzleHttp \ Exception \ ClientException (401)

Client error: POST https://gitlab.com/oauth/token resulted in a 401 Unauthorized response: {"error":"invalid_client","error_description":"Client authentication failed due to unknown client, no client authenticat (truncated...)

Why is Guzzle returning a 401 Unauthorized?


Solution

  • I found the solution to my own question for anyone else who might be interested:

    I changed:

    public function redirectToProvider()
    {
        return Socialite::driver('gitlab')->redirect();
    }
    
    public function handleProviderCallback()
    {
        $user = Socialite::driver('GitLab')->user();
    }
    

    To

    public function redirectToProvider()
    {
        return Socialite::driver('gitlab')->stateless()->redirect();
    }
    
    public function handleProviderCallback()
    {
        $user = Socialite::driver('GitLab')->stateless()->user();
    }
    

    And then, further in my callback, I store the user in the DB:

    public function handleProviderCallback(Request $request)
    {
        $user = Socialite::driver('gitlab')->stateless()->user();
    
        $authUser = $this->findOrCreateUser($user);
    
        Auth::login($authUser, true);
    
        // '/' is a URL path, not a named route, so redirect to it directly
        return redirect('/');
    }
    

    And now it's working exactly as it should.
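
The change above relies on `stateless()`, which makes Socialite skip comparing the OAuth `state` value stored in the session with the one returned on the callback. As an added example (not part of the original answer and not Socialite's own code), this plain PHP shows the round trip a stateful flow performs, so it is clear what is no longer checked; the function names, the `$session` array and the client id are assumptions for illustration.

```php
<?php
// Added illustration (not Socialite's source): the OAuth 2.0 `state` round trip
// that a stateful flow performs and that ->stateless() switches off.
// Function names and the $session array are hypothetical stand-ins.

/** Step 1: build the authorize URL and remember a random state in the session. */
function beginAuthorization(array &$session, string $authorizeUrl, string $clientId, string $redirectUri): string
{
    $session['state'] = bin2hex(random_bytes(20)); // unguessable, per-login value
    return $authorizeUrl . '?' . http_build_query([
        'client_id'     => $clientId,
        'redirect_uri'  => $redirectUri,
        'response_type' => 'code',
        'state'         => $session['state'],
    ]);
}

/** Step 2: on the callback, accept the code only if state matches the session. */
function callbackIsValid(array &$session, array $query): bool
{
    $expected = $session['state'] ?? '';
    unset($session['state']); // single use: a replayed callback must not pass
    $received = $query['state'] ?? '';
    return $expected !== '' && is_string($received) && hash_equals($expected, $received);
}

// Constructed sample values; the host and callback URL are the ones in the question.
$session = [];
$url = beginAuthorization(
    $session,
    'http://gitlab.mycompany.be/oauth/authorize',
    'constructed-client-id',
    'http://react.test/login/gitlab/callback'
);
parse_str(parse_url($url, PHP_URL_QUERY), $sent);

// Case 1: genuine callback, the provider echoes back the state this session sent.
var_dump(callbackIsValid($session, ['code' => 'abc', 'state' => $sent['state']]));

// Case 2: callback arriving in a session that never started a login.
$otherSession = [];
var_dump(callbackIsValid($otherSession, ['code' => 'abc', 'state' => 'anything']));

// Case 3: the first callback replayed after its state was consumed.
var_dump(callbackIsValid($session, ['code' => 'abc', 'state' => $sent['state']]));
```

In a session-backed web login, keeping this check (that is, not calling `stateless()`) requires both routes to run under session middleware so the stored value survives the redirect to the provider and back.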