Illegal Redirect URI

[jeusch8]

Describe the bug

When trying to sign in to your spotify when reversed proxied, an Illegal redirect uri occurs. Does not occur when using local ips. The first link works, but when I go to hit sign in thats when the redirect fails.

Expected behavior

Page loads into sign in to allow users to sign into the app.

Additional context Browser is Firefox, OS Win10

Docker Compose Excerpt

services: server: image: yooooomi/your_spotify_server container_name: spotifyserver ports:

• 8079:8080 links:
• mongo depends_on:
• mongo environment:
• API_ENDPOINT= https://spotifyserver.domain.com # This MUST be included as a valid URL in the spotify dashboard (see below)
• CLIENT_ENDPOINT= https://spotifystats.domain.com
• SPOTIFY_PUBLIC=
• SPOTIFY_SECRET=
• CORS=all # all if you want to allow every origin restart: always
  mongo: container_name: mongo image: mongo:4.4.8 volumes:
• /opt/appdata/your_spotify_db:/data/db restart: always web: image: yooooomi/your_spotify_client container_name: spotifystats ports:
• 3080:3000 environment:
• API_ENDPOINT= https://spotifyserver.domain.com restart: always

SWAG Configs (sorry these arent wrapping correctly) ` server { listen 443 ssl; listen [::]:443 ssl;

server_name spotifystats.*;

include /config/nginx/ssl.conf;

client_max_body_size 0;

# enable for ldap auth (requires ldap-location.conf in the location block)
#include /config/nginx/ldap-server.conf;

# enable for Authelia (requires authelia-location.conf in the location block)
#include /config/nginx/authelia-server.conf;

location / {
    # enable the next two lines for http auth
    #auth_basic "Restricted";
    #auth_basic_user_file /config/nginx/.htpasswd;

    # enable for ldap auth (requires ldap-server.conf in the server block)
    #include /config/nginx/ldap-location.conf;

    # enable for Authelia (requires authelia-server.conf in the server block)
    #include /config/nginx/authelia-location.conf;

    include /config/nginx/proxy.conf;
    include /config/nginx/resolver.conf;
    set $upstream_app spotifystats;
    set $upstream_port 3000;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;

    # REMOVE THIS LINE BEFORE SUBMITTING: Additional proxy settings such as headers go below this line, leave the blank line above.
}

# location ~ (/<container_name>)?/api {
#     include /config/nginx/proxy.conf;
#     include /config/nginx/resolver.conf;
#     set $upstream_app <container_name>;
#     set $upstream_port <port_number>;
#     set $upstream_proto <http or https>;
#     proxy_pass $upstream_proto://$upstream_app:$upstream_port;
#
#    
# }

} `

`server { listen 443 ssl; listen [::]:443 ssl;

server_name spotifyserver.*;

include /config/nginx/ssl.conf;

client_max_body_size 0;

# enable for ldap auth (requires ldap-location.conf in the location block)
#include /config/nginx/ldap-server.conf;

# enable for Authelia (requires authelia-location.conf in the location block)
#include /config/nginx/authelia-server.conf;

location / {
    # enable the next two lines for http auth
    #auth_basic "Restricted";
    #auth_basic_user_file /config/nginx/.htpasswd;

    # enable for ldap auth (requires ldap-server.conf in the server block)
    #include /config/nginx/ldap-location.conf;

    # enable for Authelia (requires authelia-server.conf in the server block)
    #include /config/nginx/authelia-location.conf;

    include /config/nginx/proxy.conf;
    include /config/nginx/resolver.conf;
    set $upstream_app spotifyserver;
    set $upstream_port 8080;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;

}

# location ~ (/<container_name>)?/api {
#     include /config/nginx/proxy.conf;
#     include /config/nginx/resolver.conf;
#     set $upstream_app <container_name>;
#     set $upstream_port <port_number>;
#     set $upstream_proto <http or https>;
#     proxy_pass $upstream_proto://$upstream_app:$upstream_port;
#
#     
# }

} ` Screenshots

If applicable, add screenshots to help explain your problem.

Domain = whatever your domain, was changed for privacy

[Yooooomi]

Hello! Could you try only setting one redirect uri? The redirect uri being the endpoint of your backend followed by the suffix you set.

[jeusch8]

Hello, thank you for such a prompt response. Set it to just the one and still getting the error. I did hit save just to cover all your bases.

[Yooooomi]

I'm also curious why your swagger configuration seems to target the container port directly and you still expose them in the docker-compose.

[jeusch8]

Good point, I had those for the local IP and just never changed them, I commented them out and removed the containers and then redeployed them. That doesnt seem to have changed anything either. Still getting that illegal redirect uri. What is confusing is that the server is reachable thru the reverse proxy, and so is the client thru spotifystats subdomain, Im just confused why when it breaks when i use my reverse proxy vs when i just use it locally over my desktop ip and the headless server ip

services: server: image: yooooomi/your_spotify_server container_name: spotifyserver links:

• mongo depends_on:
• mongo environment:
• API_ENDPOINT= https://spotifyserver.domain.com # http://192.168.1.32:8079 # This MUST be included as a valid URL in the spotify dashboard (see below)
• CLIENT_ENDPOINT= https://spotifystats.domain.com # http://192.168.1.32:3080
• SPOTIFY_PUBLIC=REDACTED
• SPOTIFY_SECRET= REDACTED
• CORS=all # all if you want to allow every origin restart: always
  mongo: container_name: mongo image: mongo:4.4.8 volumes:
• /opt/appdata/your_spotify_db:/data/db restart: always web: image: yooooomi/your_spotify_client container_name: spotifystats environment:
• API_ENDPOINT= https://spotifyserver.domain.com #http://192.168.1.32:8079 restart: always

[Yooooomi]

It's actually weird, I don't see anything wrong with your configuration. Could you please try deleting and recreating your app? Also please be sure to hit the save button at the bottom of the popup when adding the callbacks for the first time.

[jeusch8]

I just nuked the entire setup, deleted the images, deleted the app, everything and rebuilt it with the new id and secret, hit yes and all that, and its still not working for some reason. Even changed some of the spaces to make sure that the space was messing things up and its still not working. Im very confused honestly. I literally had it working locally, but the second its reverse proxied with swag it doesnt work?

services: server: image: yooooomi/your_spotify_server container_name: spotifyserver links:

• mongo depends_on:
• mongo environment:
• API_ENDPOINT=https://spotifyserver.domain.com # http://192.168.1.32:8079 # This MUST be included as a valid URL in the spotify dashboard (see below)
• CLIENT_ENDPOINT=https://spotifystats.domain.com # http://192.168.132:3080
• SPOTIFY_PUBLIC=new id
• SPOTIFY_SECRET=new key
• CORS=all # all if you want to allow every origin restart: always
  mongo: container_name: mongo image: mongo:4.4.8 volumes:
• /opt/appdata/your_spotify_db:/data/db restart: always web: image: yooooomi/your_spotify_client container_name: spotifystats environment:
• API_ENDPOINT=https://spotifyserver.domain.com #http://192.168.1.32:8079 restart: always

[jeusch8]

Oh? It just started working after I removed it and added it a bunch of times. Ill do a bit more investigating why it just started working.

[Yooooomi]

Yes it can be capricious sometimes. Feel free to close if it disappeared forever :)

[jeusch8]

For anyone that looks at this issue, I have no idea what fixed it, I changed the redirect uri between /oauth/spotify/callback to /oauth/spotify/callback/ and then back again to /oauth/spotify/callback and that somehow fixed it after deleting the spotify app itself, deleted the docker containers, deleted all images related to this project, deleted the mongo db files itself in the console, and recreated everything. I assume it was something to do with how it was used locally then reversed proxied. Hopefully this helps. Removed some domain names to stay private.

[jeusch8]

Hello,

Recently Ive had to rebuild this and it broke again. Ive tried so many different combinations of what I posted before, Im genuinely at a loss.

Your Spotify API

server: image: yooooomi/your_spotify_server container_name: your-spotify-server links:

• mongo depends_on:
• mongo environment:
• PUID=1000
• PGID=1000
• TZ=America/New_York
• API_ENDPOINT= https://your-spotify-server.domain.com # This MUST be included as a valid URL in the spotify dashboard (see below)
• CLIENT_ENDPOINT= https://your-spotify.domain.com #
• SPOTIFY_PUBLIC= ***
• SPOTIFY_SECRET= ***

  - CORS= i-want-a-security-vulnerability-and-want-to-allow-all-origins

  restart: unless-stopped

  Web Client for Spotify

  web: image: yooooomi/your_spotify_client container_name: your-spotify-web environment:

• PUID=1000
• PGID=1000
• TZ=America/New_York
• API_ENDPOINT= https://your-spotify-server.domain.com restart: unless-stopped

  Mongo Database for Spotify

  mongo: container_name: mongodb image: mongo:6 environment:

• PUID=1000
• PGID=1000
• TZ=America/New_York volumes:
• /opt/appdata/your_spotify:/data/db restart: unless-stopped

These are my swag proxies, completely unchanged. https://github.com/linuxserver/reverse-proxy-confs/blob/master/your-spotify-api.subdomain.conf.sample https://github.com/linuxserver/reverse-proxy-confs/blob/master/your-spotify.subdomain.conf.sample

[jeusch8]

Seems to be a cache issue on browser, clearing cache seems to have fixed the problem, the one thing I did not do. Apologies for the bump.