我正在设置 SonarQube 6.2,并希望使用 SonarQube 的 GitHub 身份验证来对 SonarQube 进行身份验证,以允许用户使用 GitHub 登录名登录到 SonarQube。
首次使用 GitHub OAuth 按钮登录时,我会被重定向到 GitHub,输入凭据并重定向回我的 SonarQube 实例,https://sonarqube.xxx/sessions/unauthorized 提示您未经授权访问此页面。请联系管理员。
查看日志文件时,我看到以下异常
2017.04.19 09:52:18 ERROR web[AVuFEY20neO0dCgEAAOc][o.s.s.a.AuthenticationError] Fail to callback authentication with 'github'
com.github.scribejava.core.exceptions.OAuthException: Response body is incorrect. Can't extract a 'access_token=([^&]+)' from this: 'error=bad_verification_code&error_description=The+code+passed+is+incorrect+or+expired.&error_uri=https%3A%2F%2Fdeveloper.github.com%2Fv3%2Foauth%2F%23bad-verification-code'
at com.github.scribejava.core.extractors.OAuth2AccessTokenExtractor.extractParameter(OAuth2AccessTokenExtractor.java:61)
at com.github.scribejava.core.extractors.OAuth2AccessTokenExtractor.extract(OAuth2AccessTokenExtractor.java:41)
at com.github.scribejava.core.extractors.OAuth2AccessTokenExtractor.extract(OAuth2AccessTokenExtractor.java:13)
at com.github.scribejava.core.oauth.OAuth20Service.sendAccessTokenRequestSync(OAuth20Service.java:37)
at com.github.scribejava.core.oauth.OAuth20Service.getAccessToken(OAuth20Service.java:56)
at org.sonarsource.auth.github.GitHubIdentityProvider.onCallback(GitHubIdentityProvider.java:119)
at org.sonarsource.auth.github.GitHubIdentityProvider.callback(GitHubIdentityProvider.java:107)
at org.sonar.server.authentication.OAuth2CallbackFilter.doFilter(OAuth2CallbackFilter.java:71)
at org.sonar.server.platform.web.MasterServletFilter$GodFilterChain.doFilter(MasterServletFilter.java:126)
at org.sonar.server.platform.web.MasterServletFilter.doFilter(MasterServletFilter.java:95)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
at org.sonar.server.user.UserSessionFilter.doFilter(UserSessionFilter.java:83)
at org.sonar.server.user.UserSessionFilter.doFilter(UserSessionFilter.java:66)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
at org.sonar.server.platform.web.SecurityServletFilter.doHttpFilter(SecurityServletFilter.java:73)
at org.sonar.server.platform.web.SecurityServletFilter.doFilter(SecurityServletFilter.java:49)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
at org.sonar.server.platform.web.RoutesFilter.doFilter(RoutesFilter.java:55)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
at org.sonar.server.platform.web.requestid.RequestIdFilter.doFilter(RequestIdFilter.java:63)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
at org.sonar.server.platform.web.RootFilter.doFilter(RootFilter.java:62)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
at ch.qos.logback.access.tomcat.LogbackValve.invoke(LogbackValve.java:256)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:522)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1095)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:672)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1500)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1456)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)
当单击“主页”链接并再次单击 GitHub OAuth 按钮时,我已成功通过身份验证,并且可以作为我的 GitHub 用户进入 SonarQube。
在 SonarQube 中我输入了: 一般的 1.将服务器基本 URL 更改为我的 https 域 https://sonarqube.some-domain.xx GitHub 设置 1. 组织机构 2. 客户秘密 3. 客户ID 4. 将登录生成策略更改为与 GitHub 登录相同
我使用 NGinX 作为反向代理从 https 重定向到 http SonarQube url,并在 https url 上配置了 p12 证书。
有人知道如何解决这个问题吗?
我在 SonarQube 9.1 中遇到了同样的问题。如果您已达到此状态,那么很可能其他一切都已正确设置。
问题出在声纳方面。如果您的 Sonar Web 服务器域名是 https://sonar.some-domain.xx,则应在 服务器基本 URL 变量中写入相同的域名(密钥:
sonar.core.serverBaseURL
。)
因此,在您的 Sonar 网页上,转到 管理 → 配置 → 常规 → 服务器基本 URL 并将其设置为 https://sonar.some-domain.xx。
是的,这就是我的解决办法: 在您的 Sonar 网页上,转到管理 → 配置 → 常规 → 服务器基本 URL 并将其设置为 https://sonar.some-domain.xx.