Skip to content

OID redirect behind reverse proxy #299

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
1 task done
Trapulo opened this issue Feb 15, 2024 · 4 comments
Closed
1 task done

OID redirect behind reverse proxy #299

Trapulo opened this issue Feb 15, 2024 · 4 comments
Labels
fixed The issue is fixed (in a coming release)
Milestone
5.0.4

Comments

@Trapulo
Copy link

Trapulo commented Feb 15, 2024

Version

5.0.3

Details & Steps to reproduce

I've a reverse proxy that performs HTTPS offloading and calls 2Fauth endpoint. All is ok.
I'm also using OID/OAUTH to authenticate users. 2Fauth is passing to the remote auth server a redirect url that is "http://myaddress" and not "https://myaddress".

I configured "APP_URL=https://myaddress" and also tried "TRUSTED_PROXIES=*" (I don't know if this is required: I work well also with null)

Expectation

2FAuth redirects user to remote authentication server passing https://myapp as redirect url.

Error & Logs

No response

Execution environment

No response

Containerization

  • Docker

Additional information

No response
@Bubka
Copy link
Owner

Bubka commented Feb 17, 2024

Did you set ASSET_URL using the same value as APP_URL?

@Trapulo
Copy link
Author

Trapulo commented Feb 19, 2024

yes, and it is the https:// address.
The web app works well, the problem is only related to the backurl used in OID trip with authentication provider, where the url is changed in http://

@Bubka
Copy link
Owner

Bubka commented Feb 19, 2024

Oh ok, I got it. The redirect url is hardcoded in a config file using a relative path, so APP_URL has no effect.
If you need a quick fix, edit the file [2fauth_dir]/config/services.php on your server and make this change:

Replace (at line 30)
'redirect' => '/socialite/callback/openid',
With
'redirect' => env('APP_URL') . '/socialite/callback/openid',

@Bubka Bubka added the fixed The issue is fixed (in a coming release) label Feb 19, 2024
@Bubka Bubka added this to the 5.0.4 milestone Feb 19, 2024
@Bubka Bubka moved this from Todo to Done in 2FAuth backlog Feb 19, 2024
@Trapulo
Copy link
Author

Trapulo commented Feb 20, 2024

I'm running on docker, and your image seems not containing bash, so I don't know how to edit it. I'll wait for new release with the fix, if this will be not to far.

@Bubka Bubka closed this as completed in 119eca6 Feb 23, 2024
@Bubka Bubka moved this from Done to Released in 2FAuth backlog Feb 23, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
fixed The issue is fixed (in a coming release)
Projects
2FAuth backlog
Status: Released
Milestone
5.0.4
Development

No branches or pull requests
2 participants
@Bubka @Trapulo