π Bug Report: GitHub Auth Request failed with 403 forbiddenΒ #28362
Description
π Description
When the application loads it displays the auth popup but the window is blank and then closes with the 403 error displayed in the main landing page.
π Expected behavior
Application should complete GitHub OAuth flow and load the Backstage application.
π Actual Behavior with Screenshots
π Reproduction steps
- Run yarn dev
- Application tries to start but ultimately fails with the following messages in logs provided below in next section.
I've followed the examples and think i have everything configured correctly but I must be missing something. :-)
π Provide the context for the Bug.
[app]: Loaded config from app-config.yaml
[app]: <i> [webpack-dev-server] Project is running at:
[app]: <i> [webpack-dev-server] Content not from webpack is served from '/Users/development/casi-backstage-poc/packages/app/public' directory
[app]: <i> [webpack-dev-server] 404s will fallback to '/index.html'
[backend]: (node:85339) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.
[backend]: (Use `node --trace-deprecation ...` to show where the warning was created)
[app]: <i> [webpack-dev-middleware] wait until bundle finished: /
[backend]: Loading config from MergedConfigSource{FileConfigSource{path="/Users/development/casi-backstage-poc/app-config.yaml"}, FileConfigSource{path="/Users/development/casi-backstage-poc/app-config.local.yaml"}, EnvConfigSource{count=0}}
[backend]: 2025-01-03T21:39:39.071Z backstage info Found 2 new secrets in config that will be redacted
[backend]: 2025-01-03T21:39:39.077Z rootHttpRouter info Listening on :7007
[backend]: 2025-01-03T21:39:39.077Z backstage info Plugin initialization started: 'app', 'proxy', 'scaffolder', 'techdocs', 'auth', 'catalog', 'permission', 'search', 'kubernetes' type=initialization
[backend]: 2025-01-03T21:39:39.130Z search warn Postgres search engine is not supported, skipping registration of search-backend-module-pg
[backend]: 2025-01-03T21:39:39.249Z auth info Configuring "database" as KeyStore provider
[backend]: 2025-01-03T21:39:39.249Z kubernetes warn Failed to initialize kubernetes backend: valid kubernetes config is missing
[backend]: 2025-01-03T21:39:39.250Z techdocs info Creating Local publisher for TechDocs
[backend]: 2025-01-03T21:39:39.252Z search info Added DefaultCatalogCollatorFactory collator factory for type software-catalog
[backend]: 2025-01-03T21:39:39.252Z search info Added DefaultTechDocsCollatorFactory collator factory for type techdocs
[backend]: 2025-01-03T21:39:39.255Z catalog info Performing database migration
[backend]: 2025-01-03T21:39:39.257Z scaffolder info Starting scaffolder with the following actions enabled github:actions:dispatch, github:autolinks:create, github:deployKey:create, github:environment:create, github:issues:label, github:repo:create, github:repo:push, github:webhook, publish:github, publish:github:pull-request, github:pages:enable, github:branch-protection:create, fetch:plain, fetch:plain:file, fetch:template, fetch:template:file, debug:log, debug:wait, catalog:register, catalog:fetch, catalog:write, fs:delete, fs:rename, fs:readdir
[backend]: 2025-01-03T21:39:39.312Z catalog info Created new signing key 70f8f62e-fa10-4372-bc01-2235da1890a4
[backend]: 2025-01-03T21:39:39.324Z auth info Configuring auth provider: github
[backend]: 2025-01-03T21:39:39.325Z auth info Configuring auth provider: guest
[backend]: 2025-01-03T21:39:39.444Z search info Starting all scheduled search tasks.
[backend]: 2025-01-03T21:39:39.446Z backstage info Plugin initialization complete, newly initialized: 'proxy', 'permission', 'kubernetes', 'techdocs', 'search', 'app', 'auth', 'scaffolder', 'catalog' type=initialization
[backend]: 2025-01-03T21:39:39.517Z search info Task worker starting: search_index_software_catalog, {"version":2,"cadence":"PT10M","initialDelayDuration":"PT3S","timeoutAfterDuration":"PT15M"} task=search_index_software_catalog
[backend]: 2025-01-03T21:39:39.517Z search info Task worker starting: search_index_techdocs, {"version":2,"cadence":"PT10M","initialDelayDuration":"PT3S","timeoutAfterDuration":"PT15M"} task=search_index_techdocs
[backend]: 2025-01-03T21:39:39.522Z catalog warn Poll failed for subscription "catalog.catalog", retrying in 1000ms fetch failed stack=TypeError: fetch failed
[backend]: at node:internal/deps/undici/undici:13484:13
[backend]: at process.processTicksAndRejections (node:internal/process/task_queues:105:5)
[backend]: at async DefaultApiClient.putSubscription (/Users/development/casi-backstage-poc/node_modules/@backstage/plugin-events-node/src/generated/apis/DefaultApi.client.ts:143:12)
[backend]: at async poll (/Users/development/casi-backstage-poc/node_modules/@backstage/plugin-events-node/src/api/DefaultEventsService.ts:274:23) cause=Error: Request was cancelled.
[backend]: 2025-01-03T21:39:40.602Z catalog warn Poll failed for subscription "catalog.catalog", retrying in 2000ms fetch failed stack=TypeError: fetch failed
[backend]: at node:internal/deps/undici/undici:13484:13
[backend]: at process.processTicksAndRejections (node:internal/process/task_queues:105:5)
[backend]: at async DefaultApiClient.putSubscription (/Users/development/casi-backstage-poc/node_modules/@backstage/plugin-events-node/src/generated/apis/DefaultApi.client.ts:143:12)
[backend]: at async Timeout.poll (/Users/development/casi-backstage-poc/node_modules/@backstage/plugin-events-node/src/api/DefaultEventsService.ts:274:23) cause=Error: Request was cancelled.
[backend]: 2025-01-03T21:39:42.519Z search info Collating documents for software-catalog via DefaultCatalogCollatorFactory documentType=software-catalog
[backend]: 2025-01-03T21:39:42.521Z search info Collating documents for techdocs via DefaultTechDocsCollatorFactory documentType=techdocs
[backend]: 2025-01-03T21:39:42.521Z search info Created new signing key d2463453-31b5-488f-af6a-6799ff75813a
[backend]: 2025-01-03T21:39:42.598Z search warn Index for software-catalog was not created: an error was encountered documentType=software-catalog
[backend]: 2025-01-03T21:39:42.598Z search error Collating documents for software-catalog failed: ResponseError: Request failed with 403 Forbidden documentType=software-catalog
[backend]: 2025-01-03T21:39:42.598Z search error ResponseError: Request failed with 403 Forbidden task=search_index_software_catalog
[backend]: 2025-01-03T21:39:42.635Z search warn Index for techdocs was not created: an error was encountered documentType=techdocs
[backend]: 2025-01-03T21:39:42.635Z search error Collating documents for techdocs failed: ResponseError: Request failed with 403 Forbidden documentType=techdocs
[backend]: 2025-01-03T21:39:42.635Z search error ResponseError: Request failed with 403 Forbidden task=search_index_techdocs
[backend]: 2025-01-03T21:39:42.680Z catalog warn Poll failed for subscription "catalog.catalog", retrying in 4000ms fetch failed stack=TypeError: fetch failed
[backend]: at node:internal/deps/undici/undici:13484:13
[backend]: at process.processTicksAndRejections (node:internal/process/task_queues:105:5)
[backend]: at async DefaultApiClient.putSubscription (/Users/development/casi-backstage-poc/node_modules/@backstage/plugin-events-node/src/generated/apis/DefaultApi.client.ts:143:12)
[backend]: at async Timeout.poll (/Users/development/casi-backstage-poc/node_modules/@backstage/plugin-events-node/src/api/DefaultEventsService.ts:274:23) cause=Error: Request was cancelled.
[app]: webpack compiled successfully
[backend]: 2025-01-03T21:39:43.641Z rootHttpRouter info [2025-01-03T21:39:43.641Z] "GET /api/auth/github/refresh?optional&scope=read%3Auser&env=development HTTP/1.1" 401 0 "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" type=incomingRequest date=2025-01-03T21:39:43.641Z method=GET url=/api/auth/github/refresh?optional&scope=read%3Auser&env=development status=401 httpVersion=1.1 userAgent=Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
[backend]: 2025-01-03T21:39:43.649Z rootHttpRouter info [2025-01-03T21:39:43.649Z] "GET /api/auth/github/start?scope=read%3Auser&origin=http%3A%2F%2F56.206.229.125%3A3000&redirectUrl=http%3A%2F%2F56.206.229.125%3A3000%2F&flow=redirect&env=development HTTP/1.1" 302 0 "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" type=incomingRequest date=2025-01-03T21:39:43.649Z method=GET url=/api/auth/github/start?scope=read%3Auser&origin=http%3A%2F%2F56.206.229.125%3A3000&redirectUrl=http%3A%2F%2F56.206.229.125%3A3000%2F&flow=redirect&env=development status=302 httpVersion=1.1 userAgent=Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 contentLength=0
[backend]: 2025-01-03T21:39:46.759Z catalog warn Poll failed for subscription "catalog.catalog", retrying in 8000ms fetch failed stack=TypeError: fetch failed
[backend]: at node:internal/deps/undici/undici:13484:13
[backend]: at process.processTicksAndRejections (node:internal/process/task_queues:105:5)
[backend]: at async DefaultApiClient.putSubscription (/Users/development/casi-backstage-poc/node_modules/@backstage/plugin-events-node/src/generated/apis/DefaultApi.client.ts:143:12)
[backend]: at async Timeout.poll (/Users/development/casi-backstage-poc/node_modules/@backstage/plugin-events-node/src/api/DefaultEventsService.ts:274:23) cause=Error: Request was cancelled.
[backend]: 2025-01-03T21:39:46.879Z auth info Created new signing key ce92db09-3e3f-4c45-981c-b1fd5caa12a0
[backend]: 2025-01-03T21:39:46.958Z rootHttpRouter info [2025-01-03T21:39:46.958Z] "GET /api/auth/github/handler/frame?code=6dd6458127f5c2ee0494&state=6e6f6e63653d3962625174383773495a57336b2532427662306e5158536725334425334426656e763d646576656c6f706d656e74266f726967696e3d6874747025334125324625324635362e3230362e3232392e3132352533413330303026726564697265637455726c3d6874747025334125324625324635362e3230362e3232392e3132352533413330303025324626666c6f773d72656469726563742673636f70653d7265616425334175736572 HTTP/1.1" 302 96 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" type=incomingRequest date=2025-01-03T21:39:46.958Z method=GET url=/api/auth/github/handler/frame?code=6dd6458127f5c2ee0494&state=6e6f6e63653d3962625174383773495a57336b2532427662306e5158536725334425334426656e763d646576656c6f706d656e74266f726967696e3d6874747025334125324625324635362e3230362e3232392e3132352533413330303026726564697265637455726c3d6874747025334125324625324635362e3230362e3232392e3132352533413330303025324626666c6f773d72656469726563742673636f70653d7265616425334175736572 status=302 httpVersion=1.1 userAgent=Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 contentLength=96
π₯οΈ Your Environment
yarn backstage-cli info
OS: Darwin 24.1.0 - darwin/arm64
node: v22.12.0
yarn: 4.4.1
cli: 0.29.4 (installed)
backstage: 1.34.0
Dependencies:
@backstage/app-defaults 1.5.15
@backstage/backend-app-api 1.1.0
@backstage/backend-common 0.25.0
@backstage/backend-defaults 0.6.2
@backstage/backend-dev-utils 0.1.5
@backstage/backend-openapi-utils 0.4.0
@backstage/backend-plugin-api 1.1.0
@backstage/catalog-client 1.9.0
@backstage/catalog-model 1.7.2
@backstage/cli-common 0.1.15
@backstage/cli-node 0.2.11
@backstage/cli 0.29.4
@backstage/config-loader 1.9.4
@backstage/config 1.3.1
@backstage/core-app-api 1.15.3
@backstage/core-compat-api 0.3.4
@backstage/core-components 0.16.2
@backstage/core-plugin-api 1.10.2
@backstage/e2e-test-utils 0.1.1
@backstage/errors 1.2.6
@backstage/eslint-plugin 0.1.10
@backstage/frontend-app-api 0.10.3
@backstage/frontend-defaults 0.1.4
@backstage/frontend-plugin-api 0.9.3
@backstage/frontend-test-utils 0.2.4
@backstage/integration-aws-node 0.1.14
@backstage/integration-react 1.2.2
@backstage/integration 1.16.0
@backstage/plugin-api-docs 0.12.2
@backstage/plugin-app-backend 0.4.3
@backstage/plugin-app-node 0.1.28
@backstage/plugin-app 0.1.4
@backstage/plugin-auth-backend-module-atlassian-provider 0.3.3
@backstage/plugin-auth-backend-module-auth0-provider 0.1.3
@backstage/plugin-auth-backend-module-aws-alb-provider 0.3.1
@backstage/plugin-auth-backend-module-azure-easyauth-provider 0.2.3
@backstage/plugin-auth-backend-module-bitbucket-provider 0.2.3
@backstage/plugin-auth-backend-module-bitbucket-server-provider 0.1.3
@backstage/plugin-auth-backend-module-cloudflare-access-provider 0.3.3
@backstage/plugin-auth-backend-module-gcp-iap-provider 0.3.3
@backstage/plugin-auth-backend-module-github-provider 0.2.3
@backstage/plugin-auth-backend-module-gitlab-provider 0.2.3
@backstage/plugin-auth-backend-module-google-provider 0.2.3
@backstage/plugin-auth-backend-module-guest-provider 0.2.3
@backstage/plugin-auth-backend-module-microsoft-provider 0.2.3
@backstage/plugin-auth-backend-module-oauth2-provider 0.3.3
@backstage/plugin-auth-backend-module-oauth2-proxy-provider 0.2.3
@backstage/plugin-auth-backend-module-oidc-provider 0.3.3
@backstage/plugin-auth-backend-module-okta-provider 0.1.3
@backstage/plugin-auth-backend-module-onelogin-provider 0.2.3
@backstage/plugin-auth-backend 0.24.1
@backstage/plugin-auth-node 0.5.5
@backstage/plugin-auth-react 0.1.10
@backstage/plugin-bitbucket-cloud-common 0.2.26
@backstage/plugin-catalog-backend-module-logs 0.1.5
@backstage/plugin-catalog-backend-module-scaffolder-entity-model 0.2.3
@backstage/plugin-catalog-backend 1.29.0
@backstage/plugin-catalog-common 1.1.2
@backstage/plugin-catalog-graph 0.4.14
@backstage/plugin-catalog-import 0.12.8
@backstage/plugin-catalog-node 1.15.0
@backstage/plugin-catalog-react 1.15.0
@backstage/plugin-catalog 1.26.0
@backstage/plugin-events-node 0.4.6
@backstage/plugin-kubernetes-backend 0.19.1
@backstage/plugin-kubernetes-common 0.9.1
@backstage/plugin-kubernetes-node 0.2.1
@backstage/plugin-kubernetes-react 0.5.2
@backstage/plugin-kubernetes 0.12.2
@backstage/plugin-org 0.6.34
@backstage/plugin-permission-backend-module-allow-all-policy 0.2.3
@backstage/plugin-permission-backend 0.5.52
@backstage/plugin-permission-common 0.8.3
@backstage/plugin-permission-node 0.8.6
@backstage/plugin-permission-react 0.4.29
@backstage/plugin-proxy-backend 0.5.9
@backstage/plugin-scaffolder-backend-module-azure 0.2.4
@backstage/plugin-scaffolder-backend-module-bitbucket-cloud 0.2.4
@backstage/plugin-scaffolder-backend-module-bitbucket-server 0.2.4
@backstage/plugin-scaffolder-backend-module-bitbucket 0.3.5
@backstage/plugin-scaffolder-backend-module-gerrit 0.2.4
@backstage/plugin-scaffolder-backend-module-gitea 0.2.4
@backstage/plugin-scaffolder-backend-module-github 0.5.4
@backstage/plugin-scaffolder-backend-module-gitlab 0.7.0
@backstage/plugin-scaffolder-backend 1.28.0
@backstage/plugin-scaffolder-common 1.5.8
@backstage/plugin-scaffolder-node 0.6.2
@backstage/plugin-scaffolder-react 1.14.2
@backstage/plugin-scaffolder 1.27.3
@backstage/plugin-search-backend-module-catalog 0.2.6
@backstage/plugin-search-backend-module-pg 0.5.39
@backstage/plugin-search-backend-module-techdocs 0.3.4
@backstage/plugin-search-backend-node 1.3.6
@backstage/plugin-search-backend 1.8.0
@backstage/plugin-search-common 1.2.16
@backstage/plugin-search-react 1.8.4
@backstage/plugin-search 1.4.21
@backstage/plugin-signals-react 0.0.8
@backstage/plugin-techdocs-backend 1.11.4
@backstage/plugin-techdocs-common 0.1.0
@backstage/plugin-techdocs-module-addons-contrib 1.1.19
@backstage/plugin-techdocs-node 1.12.15
@backstage/plugin-techdocs-react 1.2.12
@backstage/plugin-techdocs 1.12.0
@backstage/plugin-user-settings-common 0.0.1
@backstage/plugin-user-settings 0.8.17
@backstage/release-manifests 0.0.12
@backstage/test-utils 1.7.3
@backstage/theme 0.6.3
@backstage/types 1.2.0
@backstage/version-bridge 1.0.10
π Have you spent some time to check if this bug has been raised before?
- I checked and didn't find similar issue
π’ Have you read the Code of Conduct?
- I have read the Code of Conduct
Are you willing to submit PR?
Yes I am willing to submit a PR!