Error logging into Github from EC2 builder instance

When trying to oauth authenticate builder -> github the builder-api is logging a message that

oauth_client::github: GitHub response body: {"error":"bad_verification_code","error_description":"The code passed is incorrect or expired.","error_uri":"https://developer.github.com/apps/managing-oauth-apps/troubleshooting-oauth-app-access-token-request-errors/#bad-verification-code"}

And I am unable to sign in

I used terraform to mostly provision the builder, but it failed half way through provisioning.
I manually finished running the ./provision script and updated some values in bldr.env to match the IP of the EC2 instance I am on.

I can manually perform this authorization from this box using curl with SSL_CERT_FILE exported to the same value as the supervisor, and env | grep proxy yields no matches

I can’t think what else could be breaking here

It looks like builder is making the authenticate call twice. I started journalctl and then initiated the login process from the website one time

[root@ip-10-0-1-5 ~]# journalctl --since 'now' --follow | grep oauth
Jul 31 14:25:03 ip-10-0-1-5.us-west-2.compute.internal hab[23188]: builder-api.default(O): DEBUG 2018-07-31T14:25:03Z: oauth_client::client: Authenticate called, config: OAuth2Cfg { provider: "github", token_url: "https://github.com/login/oauth/access_token", userinfo_url: "https://api.github.com/user", redirect_url: "http://18.237.111.XXX/", client_id: "XXX", client_secret: "XXX" }
Jul 31 14:25:04 ip-10-0-1-5.us-west-2.compute.internal hab[23188]: builder-api.default(O): DEBUG 2018-07-31T14:25:04Z: reqwest::async_impl::response: Response: '200 OK' for https://github.com/login/oauth/access_token?client_id=XXX&client_secret=XXX&code=1958a4b056bfca75dd38
Jul 31 14:25:04 ip-10-0-1-5.us-west-2.compute.internal hab[23188]: builder-api.default(O): DEBUG 2018-07-31T14:25:04Z: oauth_client::github: GitHub response body: {"access_token":"VALID","token_type":"bearer","scope":""}
Jul 31 14:25:04 ip-10-0-1-5.us-west-2.compute.internal hab[23188]: builder-api.default(O): DEBUG 2018-07-31T14:25:04Z: oauth_client::github: GitHub response body: GOOD STUFF
Jul 31 14:25:04 ip-10-0-1-5.us-west-2.compute.internal hab[23188]: builder-sessionsrv.default(O): DEBUG 2018-07-31T14:25:04Z: habitat_builder_sessionsrv::server::handlers: issuing session, Session { created_at: Instant { tv_sec: 64908, tv_nsec: 5760773 }, encoded_token: "CJHAgODnqs2zDhIEMjk1NBgAIig3NzViN2JkZmM2Yjc1M2RhNzNmOWQ2NDE2NjdjNjBhYzliYmZhMGIz", inner: id: 1037856884696031249 email: "" name: "chrisortman" token: "CJHAgODnqs2zDhIEMjk1NBgAIig3NzViN2JkZmM2Yjc1M2RhNzNmOWQ2NDE2NjdjNjBhYzliYmZhMGIz" flags: 0 oauth_token: "775b7bdfc6b753da73f9d641667c60ac9bbfa0b3" }
Jul 31 14:25:04 ip-10-0-1-5.us-west-2.compute.internal hab[23188]: builder-api.default(O): DEBUG 2018-07-31T14:25:04Z: oauth_client::client: Authenticate called, config: OAuth2Cfg { provider: "github", token_url: "https://github.com/login/oauth/access_token", userinfo_url: "https://api.github.com/user", redirect_url: "http://18.237.111.XXX/", client_id: "XXXX", client_secret: "XXXX" }
Jul 31 14:25:04 ip-10-0-1-5.us-west-2.compute.internal hab[23188]: builder-api.default(O): DEBUG 2018-07-31T14:25:04Z: reqwest::async_impl::response: Response: '200 OK' for https://github.com/login/oauth/access_token?client_id=XXXX&client_secret=XXXX&code=1958a4b056bfca75dd38
Jul 31 14:25:04 ip-10-0-1-5.us-west-2.compute.internal hab[23188]: builder-api.default(O): DEBUG 2018-07-31T14:25:04Z: oauth_client::github: GitHub response body: {"error":"bad_verification_code","error_description":"The code passed is incorrect or expired.","error_uri":"https://developer.github.com/apps/managing-oauth-apps/troubleshooting-oauth-app-access-token-request-errors/#bad-verification-code"}

Hmm so this is an issue you’re seeing with adding GH as the Oauth provider for you on-prem repo? Let’s see about getting some info on this from @raskchanky /@salam since I think they might be the ones who wrote that.

Are you still seeing this issue? If so, would you mind filing an issue against the builder repo?

No, it looks like it is fixed testing with whatever is released / current as of this morning