RedirectURL Validation issue https://github.com/argoproj/argo-cd/pull/4780

[onkar6699]

Checklist:

• [x] I've searched in the docs and FAQ for my answer: https://bit.ly/argocd-faq.
• [x] I've included steps to reproduce the bug.
• [x] I've pasted the output of argocd version.

Describe the bug

1. I have configured nginx reverse proxy for argocd application
2. OIDC Integration failing with error Invalid redirect URL: the protocol and host (including port) must match and the path must be within allowed URLs if provided
3. As per this PR https://github.com/argoproj/argo-cd/pull/4780 allowed URLi tried

To Reproduce

ArgoCD OIDC Config url: https://argocd.example.com (nginx exposed app) oidc.config: | name: MYIDP issuer: myissuerURL clientID: 0oa9abcdefgh123AB5d7 clientSecret: ABCDEFG1234567890abcdefg requestedScopes: ["openid", "profile", "email", "groups"] requestedIDTokenClaims: {"groups": {"essential": true}}

In IDP i have configured OIDc APP with all URL mentioned in PR i am getting same error Expected behavior

it should login to app

Screenshots

Version

argocd: v2.12.6+4dab5bd BuildDate: 2024-10-18T17:39:26Z GitCommit: 4dab5bd6a60adea12e084ad23519e35b710060a2 GitTreeState: clean GoVersion: go1.22.4 Compiler: gc Platform: linux/amd64

Logs

In info log of oidc i am getting only time="2024-11-19T13:41:29Z" level=info msg="OIDC supported scopes: [openid profile email phone address groups]" after that above invalid redirect URL

@jannfis need your input

[onkar6699]

What Redirect URI should I give?

[onkar6699]

@andrii-korotkov-verkada can you help me why i am facing this issue?

[andrii-korotkov-verkada]

I don't have an immediate answer. I've seen examples of using dex.config, but not oidc.config.

[andrii-korotkov-verkada]

Please, try to get debug logs.