Open dt-rush opened 5 years ago
This PR will be sent to pusher's fork since this repo is abandoned by bitly ( see #628 )
I think the reason for the current behavior, is to allow the option to set the scheme://domain, but the path should be known by oauth2_proxy pretty well, so it overwrites just the path.
(agreed it's a odd to ignore the path in the option, maybe it's trying to silently fix mistakes in a manually set callback url path)
As far as I see it, the user specifying a callback URL should specify the callback URL, not the callback scheme://domain.
Actually there are more problems here in any case. OAuthCallbackPath is used to handle the callback, not RedirectURL... these are supposed to mean the same thing.
see line 55 of oauthproxy.go (link)
We literally overwrite whatever the value is with
fmt.Sprintf("%s/callback", opts.ProxyPrefix)
even if the user provided a redirect URL they want to use.