PANIC: interface conversion: error is user.ErrUserProhibitLogin, not *user.ErrUserProhibitLogin

[9p4]

Gitea Version

1.16.0

Git Version

No response

Operating System

Debian 11

How are you running Gitea?

Using Debian packages from here: https://gitlab.com/packaging/gitea

Database

PostgreSQL

Can you reproduce the bug on the Gitea demo site?

No

Log Gist

https://gist.github.com/9p4/0726fa74d36bfc617d9d8762cd1c1441

Description

When using an OpenID Connect provider and signing in, there is an error: PANIC: interface conversion: error is user.ErrUserProhibitLogin, not *user.ErrUserProhibitLogin

My OpenID configuration (from DB): {"Provider":"openidConnect","ClientID":"gitea","ClientSecret":"secret","OpenIDConnectAutoDiscoveryURL":"https://auth.example.com/.well-known/openid-configuration","CustomURLMapping":{},"IconURL":"","Scopes":["profile"],"RequiredClaimName":"roles","RequiredClaimValue":"gitea","GroupClaimName":"","AdminGroup":"gitea_admin","RestrictedGroup":""}

The user has an attribute called roles that has the following values: gitea, gitea_admin.

On the frontend (with dev mode enabled), I get the following 500 error when clicking the OpenID login button: could not find a matching session for this request. I am using Keycloak as my OpenID provider.

Everything is configured normally.

APP_NAME = Gitea
RUN_USER = gitea
RUN_MODE = dev

[database]
DB_TYPE  = postgres
HOST     = 127.0.0.1:5432
NAME     = gitea
USER     = gitea
PASSWD   = secret
SCHEMA   = 
SSL_MODE = disable
CHARSET  = utf8
PATH     = /var/lib/gitea/data/gitea.db
LOG_SQL  = false

[repository]
ROOT = /srv/git/repo

[server]
SSH_DOMAIN       = git.example.com
DOMAIN           = git.example.com
HTTP_PORT        = 3000
ROOT_URL         = https://git.example.com/
DISABLE_SSH      = true
LFS_START_SERVER = true
LFS_CONTENT_PATH = /srv/git/lfs
LFS_JWT_SECRET   = secret
OFFLINE_MODE     = false

[mailer]
ENABLED = false

[service]
REGISTER_EMAIL_CONFIRM            = false
ENABLE_NOTIFY_MAIL                = false
DISABLE_REGISTRATION              = false
ALLOW_ONLY_EXTERNAL_REGISTRATION  = true
ENABLE_CAPTCHA                    = false
REQUIRE_SIGNIN_VIEW               = false
DEFAULT_KEEP_EMAIL_PRIVATE        = true
DEFAULT_ALLOW_CREATE_ORGANIZATION = true
DEFAULT_ENABLE_TIMETRACKING       = true
NO_REPLY_ADDRESS                  = noreply.localhost

[picture]
DISABLE_GRAVATAR        = true
ENABLE_FEDERATED_AVATAR = false

[openid]
ENABLE_OPENID_SIGNIN = false
ENABLE_OPENID_SIGNUP = true

[session]
PROVIDER = memory
#PROVIDER = memcache
#PROVIDER_CONFIG = 127.0.0.1:11211
COOKIE_SECURE = true
COOKIE_NAME = gitea
DOMAIN = git.example.com
SAME_SITE = strict

[log]
MODE      = console
LEVEL     = info
ROOT_PATH = /var/lib/gitea/log
ROUTER    = console

[security]
INSTALL_LOCK       = true
INTERNAL_TOKEN     = secret
PASSWORD_HASH_ALGO = pbkdf2

[cache]
ENABLED = false
ADAPTER = redis
HOST = redis:///var/run/redis/redis.sock/0?pool_size=100&idle_timeout=180s
ITEM_TTL = 16h

[oauth2_client]
ENABLE_AUTO_REGISTRATION = true
UPDATE_AVATAR = true

Screenshots

No response

[zeripath]

Thank you for the logs - that makes fixing this very simple indeed.