Open alecpl opened 2 months ago
I know this is more of a Laravel general setting/problem, but would it be possible to force https:// in DiscoveryController?
DiscoveryController
There are url() and route() calls that all return http://, but I need them to be https://.
url()
route()
http://
https://
All URIs MUST use https:// according to the protocol spec. So, I think it should be enforced in your code.
There's also a code in IdTokenResponse::getBuilder() that would need to return https:// for the $issuer.
IdTokenResponse::getBuilder()
$issuer
BTW: URL::forceScheme('https'); does not fix issuer in IdTokeResponse, which might be a bug in itself.
URL::forceScheme('https');
IdTokeResponse
I know this is more of a Laravel general setting/problem, but would it be possible to force https:// in
DiscoveryController?There are
url()androute()calls that all returnhttp://, but I need them to behttps://.All URIs MUST use
https://according to the protocol spec. So, I think it should be enforced in your code.There's also a code in
IdTokenResponse::getBuilder()that would need to returnhttps://for the$issuer.BTW:
URL::forceScheme('https');does not fix issuer inIdTokeResponse, which might be a bug in itself.