ERROR: can't decrypt token unpad error. This could happen when incorrect encryption key is used

[astaruch]

Hello, I was setting up the plugin and everything worked fine. Then I've accidentally started the Mattermost server instance and lost the whole configuration and now I am setting it up from the ground again.

I am guessing, that some settings have persisted in the database, since I am receiving following error:

{"level":"error","ts":1625153373.8097563,"caller":"mlog/sugar.go:25","msg":"can't decrypt token","plugin_id":"com.github.manland.mattermost-plugin-gitlab","err":"unpad error. This could happen when incorrect encryption key is used"}

I guess it is this line:

mattermost-plugin-gitlab/server/plugin.go

Line 163 in bb1e4fb

p.API.LogError("can't decrypt token", "err", err.Error())

I have tried following:

1. uninstalling plugin & installing plugin
2. resetting all settingssettings in Pugins -> GitLab
3. removing all old webhooks in self-hosted GitLab

Now, the GitLab part is OK:

Problem is on the Mattermost side. Following "Unknown Error" is after /gitlab me or /gitlab disconnect:

mmctl version
mmctl v5.35.0 -- a2fb3f6d9bb3851fa52f692718a93403c99e32be

mmctl plugin list
WARNING: server version 5.36.1.5.36.1.f8c5c7e436d1d06ba4bbb0d689fe6931.false doesn't match mmctl version 5.35.0
Listing enabled plugins
com.github.manland.mattermost-plugin-gitlab: GitLab, Version: 1.3.0

Any ideas how can I update the encryption key in the Mattermost or mattermost-plugin-gitlab?

I guess, that after changing settings in /opt/mattermost/config/config.json:

{
        "Plugins": {
            "com.github.manland.mattermost-plugin-gitlab": {
                "enableprivaterepo": true,
                "encryptionkey": "secret-JYEvKxhnAzsDA",
                "gitlabgroup": null,
                "gitlaboauthclientid": "secret-3c1112b3d333093f72f164111f1042c6629cde1",
                "gitlaboauthclientsecret": "secret-6e612216d6485998ed3378dc11fac81134",
                "gitlaburl": "https://git.domain",
                "webhooksecret": "secret-mOBHCPtws2cANGuf"
            }
        },
}

The database is not updated. Is there any way how to trigger it?

EDIT: Just asked a colleague who have not did have Mattermost GitLab plugin integration (/gitlab connect) and it is working for him. Therefore, there are probably some remedies for my original account, since when I am doing /gitlab me I am getting Unknown Error as was screenshoted above.

Is there a way how can I disconnect bot for my account? /gitlab disconnect yields the same problem.

[astaruch]

After several hours of trying to come up with solution I have found only the following workaround - complete deleting the user which has a problem with the gitlab-plugin.

mmctl is on the path of the system

Steps for the future references if:

1. Set in /opt/mattermost/config/config.json key ServiceSettings.EnableAPIUserDeletion to true
2. Create a backup of database
3. Create a new system user
4. Create a new personal access token for this user
5. Login to mmctl with this new token: mmctl auth login https://mattermost.domain --name mattermost --access-token TOKEN
6. Complete delete the user from Mattermost: mmctl user delete PROBLEMATIC_USER_ID
7. Set back key ServiceSettings.EnableAPIUserDeletion to false
8. Login again with the user that we've had problems before through the GitLab SSO
9. Make a connection with the GitLab plugin /gitlab connect
10. Verify it is working: /gitlab me
    

[astaruch]

So improvement suggestion for this mattermost-plugin-gitlab:

• being able to somehow reset settings between a User and GitLab Plugin in another way, as completely deleting the user from the database