You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am trying to deploy Lobe Chat using Domain Name Mode guide, but with Casdoor.
Let's say I have domain flowseal.com. I'm using WAF that automatically gives me SSL.
APP_URL=https://lobe.flowseal.com/
NEXTAUTH_URL=https://lobe.flowseal.com/api/auth
AUTH_CASDOOR_ID=*Client ID from created application*
AUTH_CASDOOR_SECRET=*Client Secret from created application*
AUTH_CASDOOR_ISSUER=https://casdoor.flowseal.com
CASDOOR_WEBHOOK_SECRET=rCd+N20j84bejh//OcVDaPHnrB39d+NdpvsU/NgHp/w= # gen with openssl, but idk do i really need it or not
After that I reloaded containers with docker compose down and docker compose up -d.
When I press on login/register button (on https://lobe.flowseal.com), I'm immediately being redirected to https://lobe.flowseal.com/api/auth/error?error=Configuration.
Casdoor logs:
2025/01/09 02:51:08 Starting Radius server on 0.0.0.0:1812
The old instance with pid: 1 has been stopped
2025/01/09 02:51:08 Listening on 0.0.0.0:389
2025/01/09 02:51:08.376 [I] http server Running on http://:8000
Chat logs:
lobe-chat | [auth][error] r3: "response" is not a conform Authorization Server Metadata response (unexpected HTTP status code)
lobe-chat | at r4 (/app/.next/server/chunks/18300.js:368:4893)
lobe-chat | at nn (/app/.next/server/chunks/18300.js:368:6924)
lobe-chat | at iY (/app/.next/server/chunks/18300.js:368:46968)
lobe-chat | at process.processTicksAndRejections (node:internal/process/task_queues:105:5)
lobe-chat | at async iQ (/app/.next/server/chunks/18300.js:368:49798)
lobe-chat | at async i5 (/app/.next/server/chunks/18300.js:368:52440)
lobe-chat | at async i3 (/app/.next/server/chunks/18300.js:368:56596)
lobe-chat | at async tr.do (/app/node_modules/.pnpm/next@15.1.4_@babel+core@7.26.0_@opentelemetry+api@1.9.0_@playwright+test@1.49.1_react-d_aa190866c08e6c33b25c334e88819b79/node_modules/next/dist/compiled/next-server/app-route.runtime.prod.js:18:17558)
lobe-chat | at async tr.handle (/app/node_modules/.pnpm/next@15.1.4_@babel+core@7.26.0_@opentelemetry+api@1.9.0_@playwright+test@1.49.1_react-d_aa190866c08e6c33b25c334e88819b79/node_modules/next/dist/compiled/next-server/app-route.runtime.prod.js:18:22188)
lobe-chat | at async doRender (/app/node_modules/.pnpm/next@15.1.4_@babel+core@7.26.0_@opentelemetry+api@1.9.0_@playwright+test@1.49.1_react-d_aa190866c08e6c33b25c334e88819b79/node_modules/next/dist/server/base-server.js:1452:42)
lobe-chat | ⨯ ReferenceError: Cannot access 'm' before initialization
lobe-chat | at Object.y (.next/server/chunks/10424.js:257:19183)
lobe-chat | at <unknown> (.next/server/chunks/10424.js:257:23459)
lobe-chat | at <unknown> (.next/server/chunks/39355.js:159:1345)
lobe-chat | at o (.next/server/chunks/39355.js:159:1740)
lobe-chat | at s (.next/server/chunks/39355.js:159:1766)
lobe-chat | at d (.next/server/chunks/39355.js:159:1943)
lobe-chat | at <unknown> (.next/server/chunks/10424.js:257:23405)
lobe-chat | at t.a (.next/server/webpack-runtime.js:1:989)
lobe-chat | at 955225 (.next/server/chunks/10424.js:257:23158)
lobe-chat | at t (.next/server/webpack-runtime.js:1:143) {
lobe-chat | digest: '3178542458'
lobe-chat | }
Thank you for raising an issue. We will investigate into the matter and get back to you as soon as possible.
Please make sure you have given us as much context as possible.
非常感谢您提交 issue。我们会尽快调查此事,并尽快回复您。 请确保您已经提供了尽可能多的背景信息。
Hey @Flowseal! I'm here to help you solve bugs, answer questions, and become a contributor. If you need any assistance, feel free to ask!
To resolve the issue with the "response" not being a conform Authorization Server Metadata response, follow these steps:
Protocol Matching: Ensure that the protocol (http/https) in the Casdoor callback URL matches the protocol specified in the AUTH_URL setting in your .env file. Since your setup uses SSL, make sure both are set to https://.
Environment Variables: Double-check that the AUTH_CASDOOR_ISSUER is correctly set to match your Casdoor deployment. It should be https://casdoor.flowseal.com as per your setup.
Casdoor Application Configuration:
Verify that the redirect URL in your Casdoor application is correctly set to https://lobe.flowseal.com/api/auth/callback/casdoor.
Ensure that the Client ID and Client Secret are correctly set in your .env file as AUTH_CASDOOR_ID and AUTH_CASDOOR_SECRET.
Additional Environment Variables: Ensure all relevant environment variables are correctly configured:
NEXT_AUTH_SECRET: This should be a secure key for encrypting Auth.js session tokens.
NEXT_AUTH_SSO_PROVIDERS: Set this to casdoor to use Casdoor.
NEXTAUTH_URL: This should be set to https://lobe.flowseal.com/api/auth to specify the callback address for Auth.js during OAuth verification.
Nginx Configuration: Since you are using SSL, ensure that your Nginx configuration listens on port 443 for HTTPS and that SSL certificates are correctly configured.
By ensuring these configurations are correct, you should be able to resolve the issue with the Authorization Server Metadata response [1][2][3].
📦 Environment
Docker
📌 Version
v1.45.0
💻 Operating System
Windows
🌐 Browser
Chrome
🐛 Bug Description
I am trying to deploy Lobe Chat using
Domain Name Mode
guide, but with Casdoor.Let's say I have domain
flowseal.com
. I'm using WAF that automatically gives me SSL.I have successfully deployed casdoor and logged in. I have created new application, copied Client ID and Secret to .env, also set Redirect URL to https://lobe.flowseal.com/api/auth/callback/casdoor.
.env
After that I reloaded containers with
docker compose down
anddocker compose up -d
.When I press on login/register button (on
https://lobe.flowseal.com
), I'm immediately being redirected tohttps://lobe.flowseal.com/api/auth/error?error=Configuration
.Casdoor logs:
Chat logs:
docker-compose.yml
nginx.conf
I would appreciate any help!
📷 Recurrence Steps
No response
🚦 Expected Behavior
No response
📝 Additional Information
No response
The text was updated successfully, but these errors were encountered: