Description
Custom Oauth2 not working after upgrading to 6.6.1
Whenever I try to login using Oauth, it doesn’t work. The Oauth i am using is this: Rocket Chat — Group-Office documentation
I’ve upgraded to Rocket Chat 6.6.1 a few days ago and starting today, the OAuth login has started to fail, everything worked well until 48h ago.
I have a second machine using the same server setup, settings etc, only the users and rooms are different, same Oauth and I have no issues on it. I’ve narrowed it down to the Rocket instalation/settings but I can’t seem to pinpoint the issue, maybe someone has an idea.
Additional note: This is happening regardless of browser used or device.
Server Setup Information
- Version of Rocket.Chat Server: 6.6.1
- Operating System: Debian 11
- Deployment Method: manual install - tar
- Number of Running Instances: 1
- DB Replicaset Oplog: Enabled
- NodeJS Version: v14.21.3
- MongoDB Version: 5.0.24
- Proxy: not the issue
- Firewalls involved: not the issue
Any additional Information
Rocket logs:
{"level":20,"time":"2024-02-27T12:38:17.673Z","pid":229314,"hostname":"subdomain","name":"CustomOAuth","msg":"Identity response","response":{"name":"FirstName LastName","family_name":"","given_name":"","middle_name":"","nickname":"redacted","preferred_username":"firstname.lastname","profile":"","picture":"","website":"","gender":"","updated_at":"2024-02-27T12:37:37+00:00","email":"firstname.lastname@tld.com","email_verified":true,"phone_number":"","phone_number_verified":true,"address":"","roles":["admin"],"sub":33}} {"level":20,"time":"2024-02-27T12:38:17.885Z","pid":229314,"hostname":"subdomain","name":"Callbacks","msg":"Executing callback with id HQfipZefTjabcR4qh for hook afterProcessOAuthUser"} {"level":30,"time":"2024-02-27T12:38:17.894Z","pid":229314,"hostname":"subdomain","name":"System","msg":"Failed login detected - Username[unknown] ClientAddress[IP_ADDRESS] ForwardedFor[IP_ADDRESS, IP_ADDRESS] XRealIp[undefined] UserAgent[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36]"} Exception while invoking method login errorClass [Error]: admin is not a valid room name. [error-invalid-room-name] at app/utils/server/lib/getValidRoomName.ts:50:9 at /opt/Rocket.Chat/programs/server/npm/node_modules/meteor/promise/node_modules/meteor-promise/fiber_pool.js:43:40 => awaited here: at Function.Promise.await (/opt/Rocket.Chat/programs/server/npm/node_modules/meteor/promise/node_modules/meteor-promise/promise_server.js:56:12) at ee/server/lib/oauth/Manager.ts:36:17 at /opt/Rocket.Chat/programs/server/npm/node_modules/meteor/promise/node_modules/meteor-promise/fiber_pool.js:43:40 => awaited here: at Function.Promise.await (/opt/Rocket.Chat/programs/server/npm/node_modules/meteor/promise/node_modules/meteor-promise/promise_server.js:56:12) at ee/server/configuration/oauth.ts:64:4 at /opt/Rocket.Chat/programs/server/npm/node_modules/meteor/promise/node_modules/meteor-promise/fiber_pool.js:43:40 => awaited here: at Function.Promise.await (/opt/Rocket.Chat/programs/server/npm/node_modules/meteor/promise/node_modules/meteor-promise/promise_server.js:56:12) at lib/callbacks/callbacksBase.ts:68:5 at /opt/Rocket.Chat/programs/server/npm/node_modules/meteor/promise/node_modules/meteor-promise/fiber_pool.js:43:40 => awaited here: at Function.Promise.await (/opt/Rocket.Chat/programs/server/npm/node_modules/meteor/promise/node_modules/meteor-promise/promise_server.js:56:12) at app/custom-oauth/server/custom_oauth_server.js:350:5 at /opt/Rocket.Chat/programs/server/npm/node_modules/meteor/promise/node_modules/meteor-promise/fiber_pool.js:43:40 => awaited here: at Function.Promise.await (/opt/Rocket.Chat/programs/server/npm/node_modules/meteor/promise/node_modules/meteor-promise/promise_server.js:56:12) at app/custom-oauth/server/custom_oauth_server.js:439:3 at /opt/Rocket.Chat/programs/server/npm/node_modules/meteor/promise/node_modules/meteor-promise/fiber_pool.js:43:40 => awaited here: at Function.Promise.await (/opt/Rocket.Chat/programs/server/npm/node_modules/meteor/promise/node_modules/meteor-promise/promise_server.js:56:12) at AccountsServer.Accounts.updateOrCreateUserFromExternalService (app/custom-oauth/server/custom_oauth_server.js:460:17) at server/configuration/accounts_meld.js:47:53 at /opt/Rocket.Chat/programs/server/npm/node_modules/meteor/promise/node_modules/meteor-promise/fiber_pool.js:43:40 => awaited here: at Function.Promise.await (/opt/Rocket.Chat/programs/server/npm/node_modules/meteor/promise/node_modules/meteor-promise/promise_server.js:56:12) at AccountsServer.Accounts.updateOrCreateUserFromExternalService (server/configuration/accounts_meld.js:52:18) at MethodInvocation.<anonymous> (packages/accounts-oauth/oauth_server.js:57:21) at MethodInvocation.<anonymous> (packages/meteor.js:365:18) at packages/accounts-base/accounts_server.js:589:31 at /opt/Rocket.Chat/programs/server/npm/node_modules/meteor/promise/node_modules/meteor-promise/fiber_pool.js:43:40 => awaited here: at Function.Promise.await (/opt/Rocket.Chat/programs/server/npm/node_modules/meteor/promise/node_modules/meteor-promise/promise_server.js:56:12) at packages/accounts-base/accounts_server.js:1533:11 at /opt/Rocket.Chat/programs/server/npm/node_modules/meteor/promise/node_modules/meteor-promise/fiber_pool.js:43:40 => awaited here: at Function.Promise.await (/opt/Rocket.Chat/programs/server/npm/node_modules/meteor/promise/node_modules/meteor-promise/promise_server.js:56:12) at packages/accounts-base/accounts_server.js:653:7 at /opt/Rocket.Chat/programs/server/npm/node_modules/meteor/promise/node_modules/meteor-promise/fiber_pool.js:43:40 => awaited here: at Function.Promise.await (/opt/Rocket.Chat/programs/server/npm/node_modules/meteor/promise/node_modules/meteor-promise/promise_server.js:56:12) at packages/meteor.js:367:22 at Meteor.EnvironmentVariable.EVp.withValue (packages/meteor.js:1389:31) at packages/ddp-server/livedata_server.js:1854:36 at new Promise (<anonymous>) at Server.applyAsync (packages/ddp-server/livedata_server.js:1853:12) at Server.callAsync (packages/ddp-server/livedata_server.js:1779:17) at app/api/server/v1/misc.ts:617:33 at /opt/Rocket.Chat/programs/server/npm/node_modules/meteor/promise/node_modules/meteor-promise/fiber_pool.js:43:40 => awaited here: at Function.Promise.await (/opt/Rocket.Chat/programs/server/npm/node_modules/meteor/promise/node_modules/meteor-promise/promise_server.js:56:12) at app/api/server/v1/misc.ts:617:17 at /opt/Rocket.Chat/programs/server/npm/node_modules/meteor/promise/node_modules/meteor-promise/fiber_pool.js:43:40 { isClientSafe: true, error: 'error-invalid-room-name', reason: 'admin is not a valid room name.', details: { function: 'RocketChat.getValidRoomName', channel_name: 'admin' }, errorType: 'Meteor.Error' }
{"level":35,"time":"2024-02-27T12:38:17.904Z","pid":229314,"hostname":"subdomain","name":"API","method":"POST","url":"/api/v1/method.callAnon/login","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36","length":"232","host":"subdomain.tld.com","referer":"https://subdomain.tld.com/home","remoteIP":"IP_ADDRESS","status":200,"responseTime":40}
Browser logs (these are on both my rocket instances, so shouldn’t be the issue).
SDKClient.ts:75 r
onError @ SDKClient.ts:75
SDKClient.ts:75 rdetails: undefinederror: "not-allowed"errorType: "Meteor.Error"isClientSafe: truemessage: "[not-allowed]"reason: undefinedstack: "Error: [not-allowed]\n at n (https://subdomain.tld.com/828091d88b6be330f44d6a39fdc1178fcac13539.js?meteor_js_resource=true:156:18842)\n at I._livedata_nosub (https://subdomain.tld.com/828091d88b6be330f44d6a39fdc1178fcac13539.js?meteor_js_resource=true:156:18914)\n at I.onMessage (https://subdomain.tld.com/828091d88b6be330f44d6a39fdc1178fcac13539.js?meteor_js_resource=true:156:21669)\n at https://subdomain.tld.com/828091d88b6be330f44d6a39fdc1178fcac13539.js?meteor_js_resource=true:126:2676\n at Array.forEach (<anonymous>)\n at c.forEachCallback (https://subdomain.tld.com/828091d88b6be330f44d6a39fdc1178fcac13539.js?meteor_js_resource=true:126:3731)\n at socket.onmessage (https://subdomain.tld.com/828091d88b6be330f44d6a39fdc1178fcac13539.js?meteor_js_resource=true:126:2646)\n at r.dispatchEvent (https://subdomain.tld.com/828091d88b6be330f44d6a39fdc1178fcac13539.js?meteor_js_resource=true:126:8431)\n at https://subdomain.tld.com/828091d88b6be330f44d6a39fdc1178fcac13539.js?meteor_js_resource=true:126:18864\n at Array.forEach (<anonymous>)"[[Prototype]]: Errorclone: ƒ ()constructor: ƒ ()[[Prototype]]: Object
onError @ SDKClient.ts:75
SDKClient.ts:75 r
onError @ SDKClient.ts:75
SDKClient.ts:75 r
onError @ SDKClient.ts:75
SDKClient.ts:75 r
onError @ SDKClient.ts:75
SDKClient.ts:75 rdetails: undefinederror: "not-allowed"errorType: "Meteor.Error"isClientSafe: truemessage: "[not-allowed]"reason: undefinedstack: "Error: [not-allowed]\n at n (https://subdomain.tld.com/828091d88b6be330f44d6a39fdc1178fcac13539.js?meteor_js_resource=true:156:18842)\n at I._livedata_nosub (https://subdomain.tld.com/828091d88b6be330f44d6a39fdc1178fcac13539.js?meteor_js_resource=true:156:18914)\n at I.onMessage (https://subdomain.tld.com/828091d88b6be330f44d6a39fdc1178fcac13539.js?meteor_js_resource=true:156:21669)\n at https://subdomain.tld.com/828091d88b6be330f44d6a39fdc1178fcac13539.js?meteor_js_resource=true:126:2676\n at Array.forEach (<anonymous>)\n at c.forEachCallback (https://subdomain.tld.com/828091d88b6be330f44d6a39fdc1178fcac13539.js?meteor_js_resource=true:126:3731)\n at socket.onmessage (https://subdomain.tld.com/828091d88b6be330f44d6a39fdc1178fcac13539.js?meteor_js_resource=true:126:2646)\n at r.dispatchEvent (https://subdomain.tld.com/828091d88b6be330f44d6a39fdc1178fcac13539.js?meteor_js_resource=true:126:8431)\n at https://subdomain.tld.com/828091d88b6be330f44d6a39fdc1178fcac13539.js?meteor_js_resource=true:126:18864\n at Array.forEach (<anonymous>)"[[Prototype]]: Error
onError @ SDKClient.ts:75