bitly / oauth2_proxy

A reverse proxy that provides authentication with Google, Github or other provider
MIT License

user-configured redirect URL clobbered in oauthproxy.go #677

Open dt-rush opened 5 years ago

dt-rush commented 5 years ago

see line 55 of oauthproxy.go (link)

We literally overwrite whatever the value is with fmt.Sprintf("%s/callback", opts.ProxyPrefix) even if the user provided a redirect URL they want to use.

dt-rush commented 5 years ago

This PR will be sent to pusher's fork since this repo is abandoned by bitly (see #628)

ploxiln commented 5 years ago

I think the reason for the current behavior is to allow the option to set the scheme://domain, but the path should be known by oauth2_proxy pretty well, so it overwrites just the path.

ploxiln commented 5 years ago

(agreed it's odd to ignore the path in the option, maybe it's trying to silently fix mistakes in a manually set callback URL path)

dt-rush commented 5 years ago

As far as I see it, the user specifying a callback URL should specify the callback URL, not the callback scheme://domain.

dt-rush commented 5 years ago

Actually there are more problems here in any case. OAuthCallbackPath is used to handle the callback, not RedirectURL... these are supposed to mean the same thing.
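
An added illustration of the behaviour discussed in this thread, not code from oauth2_proxy or from any commenter: `clobberPath` models the reported path overwrite, and `resolveCallback` is one hypothetical way to honour a user-supplied path while deriving the callback handler path from the same URL, so the two cannot disagree. The function names and the sample URL are assumptions.

```go
package main

import (
	"fmt"
	"net/url"
)

// Constructed model of the behaviour described in this issue; not the project's code.

// clobberPath mirrors the reported behaviour: whatever path the user configured
// is replaced with "<proxyPrefix>/callback"; only scheme and host survive.
func clobberPath(configured, proxyPrefix string) (string, error) {
	u, err := url.Parse(configured)
	if err != nil {
		return "", err
	}
	u.Path = fmt.Sprintf("%s/callback", proxyPrefix)
	return u.String(), nil
}

// resolveCallback (hypothetical) keeps a user-supplied path and returns the
// redirect URL together with the path the callback handler must be mounted on.
// An empty or "/" path falls back to the default "<proxyPrefix>/callback".
func resolveCallback(configured, proxyPrefix string) (redirect, handlerPath string, err error) {
	u, err := url.Parse(configured)
	if err != nil {
		return "", "", err
	}
	// The provider compares redirect_uri as a full URL, so require an absolute one.
	if u.Scheme == "" || u.Host == "" {
		return "", "", fmt.Errorf("redirect URL %q must be absolute", configured)
	}
	if u.Path == "" || u.Path == "/" {
		u.Path = fmt.Sprintf("%s/callback", proxyPrefix)
	}
	return u.String(), u.Path, nil
}

func main() {
	cfg := "https://app.example.com/auth/return" // constructed sample value
	old, _ := clobberPath(cfg, "/oauth2")
	redirect, handler, _ := resolveCallback(cfg, "/oauth2")
	fmt.Println("clobbered:", old)
	fmt.Println("honoured: ", redirect, "handler:", handler)
}
```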