Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Logs error for DISABLE_QUERY_AUTH_TOKEN even though not specified #28758

Closed
lonix1 opened this issue Jan 11, 2024 · 7 comments · Fixed by #28783
Closed

Logs error for DISABLE_QUERY_AUTH_TOKEN even though not specified #28758

lonix1 opened this issue Jan 11, 2024 · 7 comments · Fixed by #28783
Labels
type/question Issue needs no code to be fixed, only a description on how to fix it yourself.

Comments

@lonix1
Copy link
Contributor

lonix1 commented Jan 11, 2024

Description

When my gite docker instance starts it logs this:

2024/01/10 06:58:15 .../setting/security.go:168:loadSecurityFrom() [W] Enabling Query API Auth tokens is not recommended. DISABLE_QUERY_AUTH_TOKEN will default to true in gitea 1.23 and will be removed in gitea 1.24.

But in my app.ini I did not set DISABLE_QUERY_AUTH_TOKEN.

Gitea Version

1.21.3

Can you reproduce the bug on the Gitea demo site?

No

Log Gist

No response

Screenshots

No response

Git Version

No response

Operating System

No response

How are you running Gitea?

docker

Database

SQLite
@techknowlogick
Copy link
Member

This log happens when the value is set to false, but default it is false. So if you don't have it defined, then it'll be false and show you the warning.

@techknowlogick techknowlogick added type/question Issue needs no code to be fixed, only a description on how to fix it yourself. and removed type/bug labels Jan 11, 2024
@lonix1
Copy link
Contributor Author

lonix1 commented Jan 12, 2024

Thanks. So by default everyone sees this log?

@lunny
Copy link
Member

lunny commented Jan 12, 2024

I think IsSet should be checked. If user haven't set it. It can be ignored.

@lonix1
Copy link
Contributor Author

lonix1 commented Jan 12, 2024

If this is in the log for everyone, I'm surprised I'm the first to mention it 😄

Maybe we can reopen the issue?

@nodiscc
Copy link
Contributor

nodiscc commented Jan 12, 2024

This error message sneaks into the stdout for the gitea actions generate-runner-token command and breaks scripts which use the output of this command to register runners (https://github.com/nodiscc/xsrv/blob/master/roles/gitea_act_runner/tasks/act-runner.yml#L176).

I think the message should not be displayed at all if DISABLE_QUERY_AUTH_TOKEN is not set at all in the configuration file.

Can we reopen this?

nodiscc added a commit to nodiscc/xsrv that referenced this issue Jan 12, 2024
@nodiscc
gitea: update configuration from upstream example file
b7b9a76 
- fixes /bin/sh: 1: Syntax error: ( unexpected on 'register the runner on the gitea instance' task- ref. go-gitea/gitea#28758
@lonix1
Copy link
Contributor Author

lonix1 commented Jan 13, 2024

Yes it is a false positive and will cause more confusion and more issues on the repo.

Please reopen.

@yardenshoham yardenshoham mentioned this issue Jan 14, 2024
Merged
KN4CK3R pushed a commit that referenced this issue Jan 14, 2024
@yardenshoham
Warn that DISABLE_QUERY_AUTH_TOKEN is false only if it's explicitly…
5a7bacb 
… defined (#28783)

So we don't warn on default behavior

- Fixes #28758
- Follows #28390

Signed-off-by: Yarden Shoham <[email protected]>
fuxiaohei pushed a commit to fuxiaohei/gitea that referenced this issue Jan 17, 2024
@yardenshoham @fuxiaohei
Warn that DISABLE_QUERY_AUTH_TOKEN is false only if it's explicitly…
7d0ae12 
… defined (go-gitea#28783)

So we don't warn on default behavior

- Fixes go-gitea#28758
- Follows go-gitea#28390

Signed-off-by: Yarden Shoham <[email protected]>
GiteaBot pushed a commit to GiteaBot/gitea that referenced this issue Jan 20, 2024
@yardenshoham @GiteaBot
Warn that DISABLE_QUERY_AUTH_TOKEN is false only if it's explicitly…
4f4c1a1 
… defined (go-gitea#28783)

So we don't warn on default behavior

- Fixes go-gitea#28758
- Follows go-gitea#28390

Signed-off-by: Yarden Shoham <[email protected]>
@GiteaBot GiteaBot mentioned this issue Jan 20, 2024
Merged
lunny pushed a commit that referenced this issue Jan 21, 2024
@GiteaBot @yardenshoham
Warn that DISABLE_QUERY_AUTH_TOKEN is false only if it's explicitly…
e3dfb51 
… defined (#28783) (#28868)

Backport #28783 by @yardenshoham

So we don't warn on default behavior

- Fixes #28758
- Follows #28390

Signed-off-by: Yarden Shoham <[email protected]>
Co-authored-by: Yarden Shoham <[email protected]>
HerHde added a commit to HerHde/woodpecker that referenced this issue Jan 30, 2024
@HerHde
Workaround: Filter Gitea token
109759b 
Migitate go-gitea/gitea#28758 in Gitea 1.21
HerHde added a commit to HerHde/woodpecker that referenced this issue Jan 30, 2024
@HerHde
Workaround: Filter Gitea token
edd9d79 
Migitate go-gitea/gitea#28758 in Gitea 1.21
@HerHde HerHde mentioned this issue Jan 30, 2024
Merged
pat-s added a commit to woodpecker-ci/woodpecker that referenced this issue Jan 30, 2024
@HerHde @pat-s
Fix Gitpod: Gitea auth token creation (#3299)
8429811 
The Gitea CLI `generate-access-token` has updated the OAuth scopes and
[posts some warning to the STDOUT when creating a
token](go-gitea/gitea#28758):

```
.../setting/security.go:168:loadSecurityFrom() [W] Enabling Query API Auth tokens is not recommended. DISABLE_QUERY_AUTH_TOKEN will default to true in gitea 1.23 and will be removed in gitea 1.24.
0adftokenblablubb
```

When logging in to the Gitpod Gitea instance from Woodpecker, I get an
error:

![Authorization failed: Client ID not
registered](https://github.com/woodpecker-ci/woodpecker/assets/7630662/bd28a661-d46e-4691-aff7-a25d64f8e7ce)

This PR fixes the problems leading you to a dialogue authorizing
Woodpecker after logging in to Gitea.

---------

Co-authored-by: Patrick Schratz <[email protected]>
fernandrone pushed a commit to quintoandar/woodpecker that referenced this issue Feb 1, 2024
@HerHde @pat-s @fernandrone
Fix Gitpod: Gitea auth token creation (woodpecker-ci#3299)
34ae80e 
The Gitea CLI `generate-access-token` has updated the OAuth scopes and
[posts some warning to the STDOUT when creating a
token](go-gitea/gitea#28758):

```
.../setting/security.go:168:loadSecurityFrom() [W] Enabling Query API Auth tokens is not recommended. DISABLE_QUERY_AUTH_TOKEN will default to true in gitea 1.23 and will be removed in gitea 1.24.
0adftokenblablubb
```

When logging in to the Gitpod Gitea instance from Woodpecker, I get an
error:

![Authorization failed: Client ID not
registered](https://github.com/woodpecker-ci/woodpecker/assets/7630662/bd28a661-d46e-4691-aff7-a25d64f8e7ce)

This PR fixes the problems leading you to a dialogue authorizing
Woodpecker after logging in to Gitea.

---------

Co-authored-by: Patrick Schratz <[email protected]>
silverwind pushed a commit to silverwind/gitea that referenced this issue Feb 20, 2024
@yardenshoham @silverwind
Warn that DISABLE_QUERY_AUTH_TOKEN is false only if it's explicitly…
9585a50 
… defined (go-gitea#28783)

So we don't warn on default behavior

- Fixes go-gitea#28758
- Follows go-gitea#28390

Signed-off-by: Yarden Shoham <[email protected]>
@github-actions GitHub Actions
Copy link

github-actions bot commented Mar 1, 2024

Automatically locked because of our CONTRIBUTING guidelines

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Mar 1, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
type/question Issue needs no code to be fixed, only a description on how to fix it yourself.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Warn that DISABLE_QUERY_AUTH_TOKEN is false only if it's explicitly defined yardenshoham/gitea
4 participants
@lunny @techknowlogick @nodiscc @lonix1