Mattermost oauth broken after backup/restore

Summary

Backup / restore has broken Mattermost oauth.

Customer on 9.5.4 using salt-stack / omnibus hosted on Debian Stretch.

Customer has restored gitlab-secrets.json.

Restored instance has a new IP and hostname.

Customer is using a reverse proxy which terminates SSL but this was part of the environment on their previous working install.

System clocks are in sync

Customer has tried

  1. Destroying the authorization via admin

  2. Disabling Mattermost by commenting out mattermost_external_url.

  3. Trying to reauthorize (https://docs.gitlab.com/omnibus/gitlab-mattermost/#manually-re-authorising-gitlab-mattermost-with-gitlab)

  4. Confirming their SSL is configured correctly (https://docs.gitlab.com/omnibus/gitlab-mattermost/#running-gitlab-mattermost-with-https)

Strangely the redirect_uri is being returned as http:// but all configurations point to https://. Not sure where this is coming from, please see log output below.

Steps to reproduce

Unable to reproduce

Example Project

Internal EE instance

What is the current bug behavior?

Cannot authenticate GitLab with Mattermost

What is the expected correct behavior?

Should be able to authenticate

Relevant logs and/or screenshots

[2017/09/13 12:05:34 CEST] [EROR] AuthorizeOAuthUser: Falscher Tokentyp, token_type=, response_body={"error":"invalid_grant","error_description":"The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client."}

and

Redirected to https://customer.com/signup/gitlab/complete?code=<omitted>&state=<omitted>
Parameters: {"client_id"=>"<omitted>", "client_secret"=>"[FILTERED]", "code"=>"[FILTERED]", "grant_type"=>"authorization_code", "redirect_uri"=>"http://customer.com/signup/gitlab/complete"}

Links

https://gitlab.zendesk.com/agent/tickets/82389

"Possibly" related: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/13305

Output of checks

See ZD issue.

Results of GitLab environment info

See ZD issue.

Results of GitLab application Check

See ZD issue.

Possible fixes

Requires investigation.

Edited by Adam Mulvany