Neoteroi / BlackSheep

Fast ASGI web framework for Python
https://www.neoteroi.dev/blacksheep/
MIT License

Google oidc on my https server #378

Closed Nicialy closed 1 year ago

Nicialy commented 1 year ago

I don't understand why, but Google OIDC works differently on the HTTPS server: it changed the request from POST to GET. Normal OIDC on my localhost:

HTTPS server: [image]

On my localhost: [image]

Why does google-callback change the request type on my server?

RobertoPrevato commented 1 year ago

@Nicialy there is nothing in the BlackSheep OIDC implementation that can cause a different behavior depending on the scheme of the request. I used the OIDC integration with apps over HTTPS and didn't experience such an issue. I tried with Google integration over HTTPS using ngrok, and it works as expected.

image

Did you enable both redirect URLs in your Google app settings? My configuration looks like:

image

If you don't provide reproduction steps I cannot help more.

RobertoPrevato commented 1 year ago

I suspect, if you forget to add the right "Authorized redirect URL" with HTTPS scheme, and you have only one with HTTP, the identity provider can redirect you to the enabled value, with error information (redirect_uri_mismatch). In that case you can experience a redirect to a different scheme (as a collateral effect) when trying to make a user flow.
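
A way to check for the mismatch described in the last comment, as an added example that is not part of the thread or of BlackSheep's code: it reads the `redirect_uri` out of an authorization request URL (as copied from the browser) and compares it with the registered redirect URIs, reporting which URL parts differ. The host names, port and client id are constructed placeholders; only the `google-callback` path comes from the thread.

```python
from urllib.parse import parse_qs, urlsplit

# Constructed sample data: the client id, host names and port are placeholders.
AUTHORIZED = [
    "http://app.example.com/google-callback",
    "http://localhost:5000/google-callback",
]
AUTH_REQUEST = (
    "https://accounts.google.com/o/oauth2/v2/auth"
    "?client_id=EXAMPLE_CLIENT_ID&response_type=code&scope=openid"
    "&redirect_uri=https%3A%2F%2Fapp.example.com%2Fgoogle-callback"
)


def sent_redirect_uri(auth_request_url):
    """Extract the redirect_uri the app sent in its authorization request."""
    values = parse_qs(urlsplit(auth_request_url).query).get("redirect_uri", [])
    if len(values) != 1:
        raise ValueError("expected exactly one redirect_uri parameter")
    return values[0]


def diagnose(sent, authorized):
    """Return (ok, report); report maps each registered URI to the parts that differ.

    The comparison is an exact string match, so a URI registered only with
    the http scheme does not cover the same URI sent with https.
    """
    if sent in authorized:
        return True, {}
    s = urlsplit(sent)
    report = {}
    for uri in authorized:
        c = urlsplit(uri)
        report[uri] = [
            part
            for part in ("scheme", "netloc", "path", "query")
            if getattr(s, part) != getattr(c, part)
        ]
    return False, report


if __name__ == "__main__":
    sent = sent_redirect_uri(AUTH_REQUEST)
    ok, report = diagnose(sent, AUTHORIZED)
    print("sent:", sent, "authorized:", ok)
    for uri, parts in report.items():
        print(f"  {uri}: differs in {', '.join(parts)}")
```

A registered URI that differs from the sent one only in `scheme` is the situation the comment describes: the HTTPS variant still has to be added to the authorized redirect URLs.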