9p4 / jellyfin-plugin-sso

This plugin allows users to sign in through an SSO provider (such as Google, Microsoft, or your own provider). This enables one-click signin.
GNU General Public License v3.0

Website port is not used for redirect #201

Open Hadatko opened 1 month ago

Hadatko commented 1 month ago

Describe the bug:

Hi, I am using a custom HTTPS port and Keycloak for SSO. When I used the standard HTTPS port 443, everything worked well. Now I have moved to 8443, so my website is https://foo.bar.eu:8443

But redirect_uri is still using https://foo.bar.eu.

Expected behavior: redirect_uri=https://foo.bar.eu:8443

Additional context:

Jellyfin is running in Docker and I am using Nginx Proxy Manager.

Hadatko commented 1 month ago

This issue is the same for the newer version.

9p4 commented 1 month ago

Is your reverse proxy sending x-forwarded-port? Please send me your reverse proxy configuration.

Hadatko commented 1 month ago

    # ------------------------------------------------------------
    # foo.bar.eu
    # ------------------------------------------------------------

    map $scheme $hsts_header {
        https   "max-age=63072000; preload";
    }

    server {
      set $forward_scheme http;
      set $server         "192.168.1.120";
      set $port           8096;

      listen 80;
      listen [::]:80;

      listen 443 ssl http2;
      listen [::]:443 ssl http2;
      server_name foo.bar.eu;

      # Let's Encrypt SSL
      include conf.d/include/letsencrypt-acme-challenge.conf;
      include conf.d/include/ssl-ciphers.conf;
      ssl_certificate /etc/letsencrypt/live/npm-39/fullchain.pem;
      ssl_certificate_key /etc/letsencrypt/live/npm-39/privkey.pem;

      # Block Exploits
      include conf.d/include/block-exploits.conf;

      # Force SSL
      include conf.d/include/force-ssl.conf;

      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection $http_connection;
      proxy_http_version 1.1;

      access_log /data/logs/proxy-host-16_access.log proxy;
      error_log /data/logs/proxy-host-16_error.log warn;

      location / {
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $http_connection;
        proxy_http_version 1.1;

        # Proxy!
        include conf.d/include/proxy.conf;
      }

      # Custom
      include /data/nginx/custom/server_proxy.conf;
    }

9p4 commented 1 month ago

I also will need to see the contents of those includes.

Elivis-AI commented 1 month ago

Identical problem. My Jellyfin server is behind a reverse proxy (npm). The npm configuration is set to default, and 'redirect_uri' lacked the port. Additionally, the error exists only if the Jellyfin server is behind a reverse proxy. I believe the problem is in the configuration of the proxy.

Elivis-AI commented 1 month ago

Update: adding an additional option to the plugin to set the redirect URI manually should fix the bug. I ran Jellyfin and npm on the same Docker network, and in the npm configuration the proxy_pass was the Docker alias name http://jellyfin-docker:port, while the redirect URI changed to https://jellyfin-docker/sso/OID/redirect/...

Solved: manually set proxy_set_header Host <your_public_domain>:<public_port>; in the nginx configuration, and everything works well.

9p4 commented 1 month ago

Again, are any of your reverse proxies sending x-forwarded-port?

Elivis-AI commented 1 month ago

Yes, but I don't think it's handled correctly. Part of my nginx configuration (works well):

    location / {
        proxy_pass      http://jellyfin-docker:8086/;
        proxy_set_header Host <my_public_domain>:<public_port>; # you will get an error with this commented

        proxy_set_header X-Forwarded-Host <my_public_domain>; 
        proxy_set_header X-Forwarded-Port  <public_port>;  # doesn't work
        proxy_set_header X-Forwarded-Proto $forward_scheme;
        proxy_set_header X-Forwarded-Scheme $forward_scheme;
        proxy_set_header X-Real-IP         $remote_addr;
        proxy_set_header X-Forwarded-For   $remote_addr;

        proxy_set_header Upgrade    $http_upgrade;
        proxy_set_header Connection $http_connection;
        proxy_http_version 1.1;
    }

redirect_uri will be https://<my_public_domain>:<public_port>/sso/OID/redirect/authentik (correct).

Controlled experiment: keep only the x-forwarded settings.

    location / {
        proxy_pass      http://jellyfin-docker:8086/;
        # proxy_set_header Host <my_public_domain>:<public_port>; # you will get an error with this commented

        proxy_set_header X-Forwarded-Host <my_public_domain>; 
        proxy_set_header X-Forwarded-Port  <public_port>;  # doesn't work
        proxy_set_header X-Forwarded-Proto $forward_scheme;
        proxy_set_header X-Forwarded-Scheme $forward_scheme;
        proxy_set_header X-Real-IP         $remote_addr;
        proxy_set_header X-Forwarded-For   $remote_addr;

        proxy_set_header Upgrade    $http_upgrade;
        proxy_set_header Connection $http_connection;
        proxy_http_version 1.1;
    }

redirect_uri will be https://jellyfin-docker:8096/sso/OID/redirect/authentik (error).

Hadatko commented 2 weeks ago

@Elivis-AI sounds good, but if I set HOST manually my site is not reachable ;/

9p4 commented 1 week ago

May be an issue somewhere around here https://github.com/9p4/jellyfin-plugin-sso/blob/b8e56cefab12b2ad614d5a7b589e7de7b575d76b/SSO-Auth/Api/SSOController.cs#L1074
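
One way a backend can derive the public origin for redirect_uri from the proxy headers compared in this thread, as an added Python example; it is not the plugin's code and not part of the issue. The trusted proxy network, peer addresses and host names are constructed assumptions.

```python
# Added illustration; not code from jellyfin-plugin-sso.
from ipaddress import ip_address, ip_network

# Assumption: the reverse proxy reaches the app from this Docker network.
TRUSTED_PROXIES = [ip_network("172.18.0.0/16")]
DEFAULT_PORTS = {"http": 80, "https": 443}


def _first(value):
    """Return the first element of a comma-separated header value."""
    return value.split(",")[0].strip() if value else ""


def public_base_url(headers, peer_ip, request_scheme="http"):
    """Derive the externally visible base URL used to build redirect_uri.

    X-Forwarded-* is honoured only when the TCP peer is a trusted proxy;
    otherwise any client could choose the host that lands in redirect_uri.
    """
    h = {k.lower(): v for k, v in headers.items()}
    trusted = any(ip_address(peer_ip) in net for net in TRUSTED_PROXIES)

    scheme = request_scheme
    host = h.get("host", "")
    port = None
    if trusted:
        scheme = _first(h.get("x-forwarded-proto")) or scheme
        host = _first(h.get("x-forwarded-host")) or host
        fwd_port = _first(h.get("x-forwarded-port"))
        if fwd_port.isdigit() and 0 < int(fwd_port) < 65536:
            port = int(fwd_port)

    # Split an explicit port off the host; X-Forwarded-Port wins if both exist.
    name, sep, tail = host.rpartition(":")
    if sep and tail.isdigit():
        host = name
        if port is None:
            port = int(tail)

    # Omit the port when it is the default for the scheme.
    if port is None or port == DEFAULT_PORTS.get(scheme):
        return f"{scheme}://{host}"
    return f"{scheme}://{host}:{port}"


def redirect_uri(headers, peer_ip, provider):
    """Build the OpenID redirect_uri in the path form shown in the thread."""
    return f"{public_base_url(headers, peer_ip)}/sso/OID/redirect/{provider}"
```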