Mailcow Oauth setup

I would like to use mailcow dockerized as an oauth provider for my hedgedoc instance.
I tried this .env file:

CMD_OAUTH2_BASEURL=https://mail.example.click
CMD_OAUTH2_USER_PROFILE_URL=https://mail.example.click/oauth/profile
CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR=id
CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR=username
CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR=email
CMD_OAUTH2_TOKEN_URL=https://mail.example.click/oauth/token
CMD_OAUTH2_AUTHORIZATION_URL=https://mail.example.click/oauth/authorize
CMD_OAUTH2_CLIENT_ID=redacted 
CMD_OAUTH2_CLIENT_SECRET=redacted

But that results in this redirect when you click on login with oauth:
https://pad.example.click/auth/oauth2/callback?error=invalid_request&error_description=The+state+parameter+is+required

This is my mailcow oauth config:

image

How can I fix this?

1 Like

This is a problem with the current implementation. The good news is that it's already fixed in 1.7.0.

Therefore you need to wait a few more days until 1.7.0 comes out or run an unstable version. Alternatively, you can check if mailcow offers a way to disable the requirement for the state parameter.

https://github.com/hedgedoc/hedgedoc/pull/541

1 Like
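The `state` value that mailcow insists on is the OAuth2 CSRF protection: the client generates it, sends it with the authorization request, and checks it again on the callback. The sketch below is an added example, not code from this thread, HedgeDoc or mailcow; the function names, the session object and the client id are hypothetical, and the URLs are the ones from the question.

```javascript
const { randomBytes, timingSafeEqual } = require("node:crypto");

// Start of the flow: create an unguessable state, keep it in the user's
// session, and send it along with the authorization request.
function buildAuthorizationUrl(authorizationUrl, clientId, redirectUri, session) {
  session.oauthState = randomBytes(32).toString("hex");
  const url = new URL(authorizationUrl);
  url.searchParams.set("response_type", "code");
  url.searchParams.set("client_id", clientId);
  url.searchParams.set("redirect_uri", redirectUri);
  url.searchParams.set("state", session.oauthState);
  return url.toString();
}

// Callback: report provider errors, then require the returned state to match
// the stored one before the code is exchanged for a token.
function checkCallback(callbackUrl, session) {
  const params = new URL(callbackUrl).searchParams;
  const expected = session.oauthState;
  delete session.oauthState; // a state value is valid for one callback only
  if (params.has("error")) {
    const reason = `${params.get("error")}: ${params.get("error_description")}`;
    return { ok: false, reason };
  }
  const got = params.get("state");
  if (!expected || !got) return { ok: false, reason: "state missing" };
  const a = Buffer.from(expected);
  const b = Buffer.from(got);
  // timingSafeEqual throws on unequal lengths, so compare lengths first.
  if (a.length !== b.length || !timingSafeEqual(a, b)) {
    return { ok: false, reason: "state mismatch" };
  }
  return { ok: true, code: params.get("code") };
}
```

A provider-side switch that drops the state requirement removes this check on the login flow, so upgrading the client is the safer of the two options mentioned above.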

I am not sure what the issue is; I am getting the same error message to OAuth from MailCow. Any help will be appreciated.

Internal Server Error

InternalOAuthError: Failed to obtain access token
at OAuth2CustomStrategy.OAuth2Strategy._createOAuthError (/hedgedoc/node_modules/passport-oauth2/lib/strategy.js:423:17)
at /hedgedoc/node_modules/passport-oauth2/lib/strategy.js:177:45
at /hedgedoc/node_modules/oauth/lib/oauth2.js:191:18
at ClientRequest.<anonymous> (/hedgedoc/node_modules/oauth/lib/oauth2.js:162:5)
at ClientRequest.emit (node:events:390:28)
at TLSSocket.socketErrorListener (node:_http_client:447:9)
at TLSSocket.emit (node:events:390:28)
at emitErrorNT (node:internal/streams/destroy:157:8)
at emitErrorCloseNT (node:internal/streams/destroy:122:3)
at processTicksAndRejections (node:internal/process/task_queues:83:21)