I get this question a lot ,I don’t know how to solve it ,Ask a professional to take a look
Unable to start a new build: The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.
Hi @chengfupingufo, can you help me providing further details to help you resolve the blocker?
Thanks!
the case occur in active Repository or launch a new-build
I use drone with gitlab to work , drone works sometimes ok or sometiles fail , most reason is the auth 。but I’ve already set the permissions
{“admin”:false,“error”:“The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.”,“level”:“warning”,“msg”:“api: cannot sync repository permissions”,“name”:“scenic_user”,“namespace”:“shanxi_scenic”,“read”:true,“request-id”:“2IGGRfFIDbCV3ZpT919g1FUvdOn”,“time”:“2022-11-30T09:28:19Z”,“user.admin”:true,“user.login”:“root”,“write”:false}
{“admin”:false,“error”:“The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.”,“level”:“warning”,“msg”:“api: cannot sync repository permissions”,“name”:“scenic_device”,“namespace”:“shanxi_scenic”,“read”:true,“request-id”:“2IGGeo3vXBNwRe4G4VfBB90NQ9n”,“time”:“2022-11-30T09:30:04Z”,“user.admin”:true,“user.login”:“root”,“write”:false}
{“error”:“The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.”,“level”:“warning”,“login”:“root”,“msg”:“syncer: cannot get remote repository list”,“time”:“2022-11-30T09:33:06Z”}
Same issue with drone GitLab integration. We used previously drone with bitbucket server and later with bitbucket cloud and always managed to find workarounds and ugly fixes for the numerous drone bugs.
We recently moved to GitLab and we will finally be able to get rid of drone and stop paying for it. Until then we at least like to have a halfway useable drone.
3 issues have currently been identified:
drone server didn’t correctly handle token expiry. Was fixed in version 2.12.1. Currently running 2.16.0 with runners 1.8.3. The symptom was that GitLab webhook triggers timed out as drone didn’t answer. A workaround was to logout from the drone UI and login again which fixed the triggers. Fortunately that was fixed in drone.
drone runner failed to clone from git due to key and login issues. Happened a lot but sometimes it passed. We fixed this by disabling cloning in the .drone.yml and overriding it with our custom clone plugin that does a proper clone using a deploy key as it should be done.
the third issue is the one mentioned above for which we don’t have a fix and renders drone unusable. Seems to be related to token expiry and login rate limiting as drone uses a user credential to integrate instead a deploy token or deploy key.
In GitLab we see that after less than one week running we have several hundreds drone client connected on the OAuth2 drone token. There shouldn’t be more than one for the server and one per runner. drone seems to create a new login for each push on each branch so it hits the rate limit of 10 per minute.
Hi,
It happens to me and the issue was that I restarted the drone server without logout and I had the previous authentication info from Gitlab. Logout and login again solved this issue.
