Solar-Helix-Independent-Transport / allianceauth-oidc-provider

SSO from Auth? Madness!
MIT License

iss url protocol mismatch #2

Open snipereagle1 opened 8 months ago

snipereagle1 commented 8 months ago

While setting up matrix, I ran into an issue where the iss claim in the JWT had http://{AUTH_URL} when the application was expecting https://{AUTH_URL}. I fixed it by setting the following in my nginx config:

server {
  # default config here
  location / {
    # default config here
    proxy_set_header X-Forwarded-Proto $scheme; # added line
  }
}

and the following in local.py:

SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')

pvyParts commented 8 months ago

Notes on top of the above: In the default auth docker stack, with these settings it is still showing as http. Sniper runs a custom stack without NPM so I assume this is the issue.

Need to investigate removing the middle manager allianceauth_nginx and/or adjusting NPM/auth_nginx to work as expected.
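
An added illustration, not part of the thread and not code from Alliance Auth or Django: a simplified model of how the scheme in `iss` follows from `X-Forwarded-Proto` across one or two nginx hops. The two-hop layout (a TLS-terminating outer proxy in front of an inner nginx speaking plain HTTP), the host name and the function names are assumptions made for the example; it is not a confirmed diagnosis of the default docker stack.

```python
# Simplified model (assumption-based); names and host are hypothetical.
SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")  # as in local.py above


def nginx_hop(headers, received_tls, set_proto):
    """Model one nginx proxy hop.

    received_tls: whether this hop itself was reached over TLS ($scheme).
    set_proto: "scheme" -> proxy_set_header X-Forwarded-Proto $scheme;
               "none"   -> no directive, incoming header is passed through.
    """
    out = dict(headers)
    if set_proto == "scheme":
        # $scheme is what THIS hop saw, so it overwrites any earlier value.
        out["X-Forwarded-Proto"] = "https" if received_tls else "http"
    return out


def django_scheme(headers, setting=SECURE_PROXY_SSL_HEADER):
    """Resolve the request scheme the way Django does behind a non-TLS upstream."""
    if setting:
        meta_key, secure_value = setting
        # WSGI exposes X-Forwarded-Proto as META["HTTP_X_FORWARDED_PROTO"].
        name = meta_key[len("HTTP_"):].replace("_", "-").lower()
        value = {k.lower(): v for k, v in headers.items()}.get(name)
        if value is not None:
            first = value.split(",", 1)[0].strip()
            return "https" if first == secure_value else "http"
    return "http"  # the app server socket itself is plain HTTP


def issuer(chain, host="auth.example.test"):
    """Walk a request through the proxy chain and build the resulting iss URL."""
    headers = {}
    for received_tls, set_proto in chain:
        headers = nginx_hop(headers, received_tls, set_proto)
    return f"{django_scheme(headers)}://{host}"


if __name__ == "__main__":
    print(issuer([(True, "none")]))                      # no header set
    print(issuer([(True, "scheme")]))                    # single TLS proxy
    print(issuer([(True, "scheme"), (False, "scheme")])) # inner hop overwrites
    print(issuer([(True, "scheme"), (False, "none")]))   # inner hop passes through
```

Django's documentation notes that `SECURE_PROXY_SSL_HEADER` is only safe when the outermost proxy strips or overwrites `X-Forwarded-Proto` on requests from clients.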