How to define GitLab as custom oauth2 provider in Social Login app

🍱 Features & apps
1

I am attempting to use GitLab as my oauth2 provider in the Social Login app. It fails on the step redirect step after I am successfully directed to GitLab where I log in:

The redirect URI included is not valid.

It displays this error in what appears to be the GitLab user settings page. The URL in the address bar looks like

https://gitlab.com/oauth/authorize?response_type=code&client_id=1cb...b9&redirect_uri=https%3A%2F%2Fcloud.example.com%2Fapps%2Fsociallogin%2Fcustom_oauth2%2Fgitlab&scope=read_user%2Bread_api&state=HA...US8

In the Social Login admin settings, I have the following for the Custom Oauth2 definition:

GitLab
https://gitlab.com/api/v4/
https://gitlab.com/oauth/authorize
https://gitlab.com/oauth/token
https://gitlab.com/oauth/profile
(empty)
[my client id]
[my client secret]
read_user+read_api
(empty)
(empty)
GitLab

In my GitLab application definition (User Settings > Applications) I have the Callback URL as https://cloud.example.com/apps/sociallogin/oauth/ with scopes read_user and read_api (these were the scopes required for me to use GitLab in a JupyterHub deployment that is working properly).

Has anyone configured this successfully for use with GitLab and can help me determine why it is failing?

2

I immediately made some progress by finding the correct redirect URI and updating my GitLab application accordingly:

https://cloud.example.com/apps/sociallogin/custom_oauth2/gitlab

I encountered the GitLab dialog asking if I authorize this application and I hit accept only to encounter another error that displays on my Nextcloud site page at url https://cloud.antares.ncsa.illinois.edu/apps/sociallogin/custom_oauth2/gitlab?code=abcd...123&state=xyz:

Unable to exchange code for API access token. HTTP error 401. Raw Provider API response: {“error”:“invalid_client”,“error_description”:“Client authentication failed due to unknown client, no client authentication included, or unsupported authentication method.”}.

3

Eventually I figured it out and got it working. My contributed documentation was merged and can be found here if others need help doing the same thing.