[solved] Drone oauth Authentication not working

Somehow my authentication of drone does not work anymore.
In the past I have used drone as a CI/CD tool in combination with gitea.
This used to work just fine. Then I upgraded both and now I cannot log into drone.

I always get the following error message:
Bildschirmfoto von 2019-12-09 19-55-56

When I look into the logs I can see that drone tries to to log in, however gitea responds with a bad request:

gitea-server_1 | [Macaron] 2019-12-09 18:59:27: Started GET /login/oauth/authorize?client_id=<my_id>&redirect_uri=https%3A%2F%2F
drone..de%2Flogin&response_type=code&state=4d65822107fcfd52 for
gitea-server_1 | [Macaron] 2019-12-09 18:59:28: Completed GET /login/oauth/authorize?client_id=<my_id>&redirect_uri=https%3A%2F%
2Fdrone..de%2Flogin&response_type=code&state=4d65822107fcfd52 400 Bad Request in 120.266318ms

I use drone 1.6.2 and gitea 1.10.1.
I have created an oauth application in gitea and used the client_id, secret etc. in my drone configuration. This used to work in the past.

Does anybody have the same problem or knows how to fix it?

Thanks in advance

Try to:
1.clear cookies for drone
2.remove and add again drone to your application list
3.consider adding to drone configuration correct (new) DRONE_GITEA_CLIENT_ID and DRONE_GITEA_CLIENT_SECRET values

Ok this did not work for me :frowning:

Probably this does not fit here but this is my drone config.

version: ‘2’

                image: drone/drone:1.6.2
                        - 8000:8000
                        - ./drone/:/data
                        - /var/run/docker.sock:/var/run/docker.sock
                restart: always
                        - DRONE_ADMIN=<admin>
                        - DRONE_AGENTS_ENABLED=true
                        - DRONE_GITEA_SERVER=https://gitea.<host>.de
                        - DRONE_GITEA_CLIENT_ID=<id>
                        - DRONE_GITEA_CLIENT_SECRET=<secret>
                        - DRONE_SERVER_HOST=drone.<host>.de
                        - DRONE_SERVER_PORT=:8000
                        - DRONE_SERVER_PROTO=https
                        - DRONE_RPC_SECRET=<secret>

I have found the mistake:

In the redirect url for the oauth2 application, I had to adjust the path from
https://drone.<host>.de to https://drone.<host>.de/login