Closed wehostadm closed 1 year ago
I have the same issue with a custom provider that also requires HTTPS (if it's not localhost
).
Issue is happening on Heroku: https://osm-welcome-tool.herokuapp.com/
Any idea how to fix this (or force HTTPS for redirect_uri
) ?
Thanks.
I could fix this issue following the trusted proxies configuration : https://symfony.com/doc/current/deployment/proxies.html#but-what-if-the-ip-of-my-reverse-proxy-changes-constantly
I hope it will help you too.
This issue isn't related to the bundle, am I wrong? If not, please close this issue. Thanks.
I confirm this is not an issue with the bundle, but we see it when we setup the bundle with google ;)
I confirm that the @jbelien workaround is probably the best one as you don't have to force the scheme for a particular route.
In my case I have a Symfony4 behind dokku, and I just have to add an environment variable:
TRUSTED_PROXIES=127.0.0.1,REMOTE_ADDR
To make it work.
Ok. Can you close this, please?
Ok. Can you close this, please?
I think that only the original author (@wehostadm) or mainteners of the bundle can close the case,
Yeah sorry, thought it was you.
It looks like this issue is still not solved fully. How can I force the bundle to redirect a https url? For some clients like facebook the https redirect url is mandatory. Thank you for the help!
Closing - as mentioned, this is likely a misconfig of your trusted proxies config.
put simply: if your user is already on https on your site, symfony will generate https urls. If your user is on https and symfony is NOT generating https urls, then this is because symfony thinks the user is on http, and that’s caused by symfony not trusting the “X-Forwarded-Proto” header sent by a reverse proxy somewhere in your stack.
Hi,
Google has changed its rules for Oauth2 redirect URI and we should now use https. I use Symfony 4 with your bundle and the configuration file is :
In the security controller, the route is defined like this :
However, it continues to generates an http route : http://localhost/connect/check
The result is a 400 error code form Google : redirect_uri_mismatch
How can I force to generate https://localhost/connect/check with https protocol ?
Thanks a lot