mealie-recipes / mealie

Mealie is a self-hosted recipe manager and meal planner with a REST API backend and a reactive frontend application built in Vue for a pleasant user experience for the whole family. Easily add recipes into your database by providing the URL and Mealie will automatically import the relevant data, or add a family recipe with the UI editor.
https://docs.mealie.io
GNU Affero General Public License v3.0

OIDC protocol redirect url wrong with Authentik #4482

Open pgrond opened 22 hours ago

pgrond commented 22 hours ago

What is the issue you are experiencing?

When logging in with OIDC and Authentik as the provider, the redirect URL is http:// and not https://, which gives an error because in Authentik I have configured only the https variant.

Steps to Reproduce

Enable OIDC and add an application/provider in Authentik

Relevant composer config:

```yaml
BASE_URL: https://xxxx.tld.com
OIDC_AUTH_ENABLED: 'true'
OIDC_SIGNUP_ENABLED: 'true'
OIDC_CONFIGURATION_URL: "https://auth.tld.com/application/o/mealie/.well-known/openid-configuration"
OIDC_CLIENT_ID: BW6Vok2JI3u1AeaamCmmMXs6ID1sTKEw4hb5m7WQ
OIDC_CLIENT_SECRET: xxx
OIDC_USER_GROUP: "mealie_users"
OIDC_ADMIN_GROUP: "mealie_admins"
OIDC_AUTO_REDIRECT: 'true'
OIDC_PROVIDER_NAME: Authentik
OIDC_REMEMBER_ME: 'true'
OIDC_USER_CLAIM: 'email'
```

Authentik config:

Please provide relevant logs

```
server-1 | {"auth_via": "session", "domain_url": "xxxx.tld.com", "event": "Invalid redirect uri (regex comparison)", "host": "xxxx.tld.com", "level": "warning", "logger": "authentik.providers.oauth2.views.authorize", "pid": 184, "redirect_uri_expected": ["https://xxxx.tld.com/login", "https://xxxx.tld.com/login?direct=1"], "redirect_uri_given": "http://xxxx.tld.com/login", "request_id": "bb75988efd204d1ea1561a110acb514d", "schema_name": "public", "timestamp": "2024-10-31T14:03:46.040257"}
```

Mealie Version

2.1.0

Deployment

Docker (Linux)

Additional Deployment Details

No response

cmintey commented 18 hours ago

Are you accessing mealie from http? To craft the redirect url, the backend uses the base_url from the request.

cmintey commented 18 hours ago

Could also be an issue with your proxy not sending the X-Forwarded-Proto header
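
Added example, not part of the thread and not Mealie's or Authentik's code: a standard-library sketch of how a backend behind a TLS-terminating proxy derives its redirect URI from the request, and why the URI in the log above is rejected when `X-Forwarded-Proto` is missing. The function names, the `TRUSTED_PROXIES` network and the peer addresses are assumptions; the header is honoured only from a trusted proxy so that a client cannot set the scheme itself.

```python
import ipaddress
from urllib.parse import urlsplit

# Assumption: the reverse proxy reaches the app from this network (constructed value).
TRUSTED_PROXIES = [ipaddress.ip_network("172.16.0.0/12")]

def request_base_url(scheme, headers, peer_ip):
    """Rebuild the externally visible base URL of a request.

    scheme:  scheme of the connection that reached the app (http behind the proxy)
    headers: request headers with lower-cased keys
    peer_ip: address of the direct peer, normally the proxy
    """
    peer = ipaddress.ip_address(peer_ip)
    if any(peer in net for net in TRUSTED_PROXIES):
        # Only a trusted proxy may override the scheme; use the first list entry.
        forwarded = headers.get("x-forwarded-proto", "").split(",")[0].strip().lower()
        if forwarded in ("http", "https"):
            scheme = forwarded
    return f"{scheme}://{headers['host']}"

def redirect_uri(scheme, headers, peer_ip, path="/login"):
    return request_base_url(scheme, headers, peer_ip) + path

def diagnose(given, expected):
    """Compare a redirect URI with the registered ones (plain string comparison)."""
    if given in expected:
        return "match"
    g = urlsplit(given)
    for e in map(urlsplit, expected):
        same_target = (g.netloc, g.path, g.query) == (e.netloc, e.path, e.query)
        if same_target and g.scheme != e.scheme:
            return f"scheme mismatch: sent {g.scheme}, registered {e.scheme}"
    return "no registered URI matches"

# redirect_uri_expected as it appears in the Authentik log line of the issue.
EXPECTED = ["https://xxxx.tld.com/login", "https://xxxx.tld.com/login?direct=1"]

if __name__ == "__main__":
    host = {"host": "xxxx.tld.com"}
    https_hdr = {**host, "x-forwarded-proto": "https"}
    cases = {
        "proxy omits header": redirect_uri("http", host, "172.18.0.2"),
        "proxy sends header": redirect_uri("http", https_hdr, "172.18.0.2"),
        "untrusted peer sends header": redirect_uri("http", https_hdr, "203.0.113.9"),
    }
    for name, uri in cases.items():
        print(f"{name}: {uri} -> {diagnose(uri, EXPECTED)}")
```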