Can't login with AAD

[sergeymeleschenko]

web.log

2023.03.21 16:58:42 ERROR web[AYZ9/t35YQnuMj7SBOhh][o.a.a.a.AadIdentityProvider] Exception:java.lang.IllegalArgumentException: authorization code is null or empty

What should I do?

[srvrguy]

That is odd. If you have the basic setup done correctly, it should be okay. Can you provide more details on your setup?

[sergeymeleschenko]

Steps 1 to 12 https://www.vultr.com/docs/how-to-use-sonarqube-on-ubuntu-22-04-lts/

You're not authorized to access this page. Please contact the administrator.

[srvrguy]

Can you try without the encryption portion of that guide? I don't think it's the cause, but it does make the setup a bit more complex. I recommend starting with the simplest setup first and once that's working you can then start making changes.

[sergeymeleschenko]

Can you try without the encryption portion of that guide? I don't think it's the cause, but it does make the setup a bit more complex. I recommend starting with the simplest setup first and once that's working you can then start making changes.

2023.03.31 14:52:55 ERROR web[AYZ9/t35YQnuMj7SBsOV][o.a.a.a.AadIdentityProvider] Exception:java.lang.IllegalArgumentException: authorization code is null or empty
2023.03.31 14:56:45 ERROR web[AYZ9/t35YQnuMj7SBsPd][o.a.a.a.AadIdentityProvider] Exception:org.sonar.server.authentication.event.AuthenticationException: Cookie 'OAUTHSTATE' is missing
2023.03.31 14:56:45 WARN web[AYZ9/t35YQnuMj7SBsPd][o.s.s.a.AuthenticationError] Fail to callback authentication with 'aad'
java.lang.IllegalStateException: org.sonar.server.authentication.event.AuthenticationException: Cookie 'OAUTHSTATE' is missing

[barnesdc]

I am also receiving the same errors on my setup. It was working fine until updating the plugin and now users are unable to access our sonarqube site using Azure AD.

The error I'm seeing currently is:
Exception:java.lang.IllegalArgumentException: authorization code is null or empty

I was previously on Sonarqube version 9.7.x but currently on 9.9.x

[docknight]

I had a similar issue. Using SonarQube v9.9. In my case, however, the logs indicated I can't login with AD user whose email matches the email of an existing SonarQube user.

[barnesdc]

@srvrguy I also noticed that once that error pops up above and you click the home button, it flashes the projects page, then goes back to the login page.

[srvrguy]

Sorry for the long silence. I'm currently busy in regulatory audits and training at my day job and also very busy in my personal life, so my time to support this plugin right now is near zero. I highly recommend making sure you're running the newest version of the plugin, version 2. It has more descriptive error messages, and you can also increase the log level in SonarQube to get more details in the auth process that will help with troubleshooting.

I also highly recommend running a login test with developer tools enabled in the browser, looking at the network tab, and making sure that the request log is persisted (that's usually an option you need to enable). You can then check the URLs going back and forth between MS and SQ and see if the auth code is being returned.

If this continues to be an issue, I'll try to do some further testing as soon as my workload decreases.

[barnesdc]

Hi @srvrguy, thanks for the update. I think when I looked at logsI wasn’t seeing the auth code. I pulled down the code and planned on reviewing and submitting a PR to fix if someone doesn’t beat me to it.

[SvenSchneiderDVAG]

Running SonarQube 9.9.2 LTS we're getting the same issues:

You're not authorized to access this page. Please contact the administrator.

Since old Microsoft Login method soon will be deprecated we'd like to see a possible solution for this plugin version or a workaround.