Ok, it certainly looks the first step of the authentication process is working correctly. There are three steps that must be completed for the GitLab SSO to work fully:
- Receive an access code from
http://gitlab.mydomain.com/oauth/authorize(which looks to be happening correctly) - Exchange that access code for an access token through
http://gitlab.mydomain.com/oauth/token(where we seem to be failing) - Retrieve the user object from
http://gitlab.mydomain.com/api/v3/user
If these work, they should all happen quickly and you as the user should hardly notice anything happening at all.
If you look in the server log for GitLab (the production.log), do you see a request being made to http://gitlab.mydomain.com/oauth/token? How GitLab responds to that request is causing the failure on the second step and if the log shows anything it could be very useful in figuring out the issue.