Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-44121

[Gitlab auth] The requested scope is invalid, unknown, or malformed.

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      We tried to use this plugin, and after the configuration, we could login to gitlab and the gitlab shows this error:

      "An error has occurred

      The requested scope is invalid, unknown, or malformed."

       

      We use this versions:

      Gitlab: Comunity Edition 9.1.2

      Jenkins: 2.46.2

      Gitlab auth plugin: 1.0.9

       

      We tried with http and https.

      Our configuration:

      <authorizationStrategy class="org.jenkinsci.plugins.GitLabAuthorizationStrategy" plugin="gitlab-oauth@1.0.9">
      <rootACL>
      <organizationNameList class="linked-list">
      <string></string>
      </organizationNameList>
      <adminUserNameList class="linked-list">
      <string>xxxxxxxxxxx</string>
      </adminUserNameList>
      <authenticatedUserReadPermission>true</authenticatedUserReadPermission>
      <useRepositoryPermissions>false</useRepositoryPermissions>
      <authenticatedUserCreateJobPermission>true</authenticatedUserCreateJobPermission>
      <allowGitlabWebHookPermission>false</allowGitlabWebHookPermission>
      <allowCcTrayPermission>false</allowCcTrayPermission>
      <allowAnonymousReadPermission>false</allowAnonymousReadPermission>
      <allowAnonymousJobStatusPermission>false</allowAnonymousJobStatusPermission>
      </rootACL>
      </authorizationStrategy>
      <securityRealm class="org.jenkinsci.plugins.GitLabSecurityRealm">
      <gitlabWebUri>http://xx.xx.xx.xx</gitlabWebUri>
      <gitlabApiUri>http://xx.xx.xx.xx</gitlabApiUri>
      <clientID>xxxxxxxxxxxxxxxxxxxxx</clientID>
      <clientSecret>xxxxxxxxxxxxxxxxx</clientSecret>
      </securityRealm>

       

      and in gitlab app, we used "read_user" scope.

       

      Any idea or posible wrong configuration?

      Thanks for all.

       

        Attachments

          Activity

          Hide
          t3sn t3sn tech added a comment -

          It is failing because you have used the "read_user" scope only.
          It is not documented anywhere, but the plugin seems to mandatorily need only the "api" scope in the oauth settings in gitlab.

          I had the same error, which went away on changing the scope to "api". You may need to provide additional scopes depending upon the authorisations you use.

          Show
          t3sn t3sn tech added a comment - It is failing because you have used the "read_user" scope only. It is not documented anywhere, but the plugin seems to mandatorily need only the "api" scope in the oauth settings in gitlab. I had the same error, which went away on changing the scope to "api". You may need to provide additional scopes depending upon the authorisations you use.

            People

            Assignee:
            elhabib_med Mohamed El Habib
            Reporter:
            monica_beeva Mónica Boto
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated: