puiterwijk / flask-oidc

OpenID Connect support for Flask
BSD 2-Clause "Simplified" License
156 stars 218 forks

Redirect to original page upon authentication #77

Open djevrem opened 5 years ago

djevrem commented 5 years ago

I'm using the library against Keycloak for authentication to secure the REST API endpoints. If a user accesses one of many REST API endpoints, he is redirected to the Keycloak page. Following are the settings, of which only OVERWRITE_REDIRECT_URI matters for this issue:

```python
from flask import Flask
from flask_oidc import OpenIDConnect
from pkg_resources import resource_filename

app = Flask(__name__)
oidc = OpenIDConnect()

app.config.update({
    'SECRET_KEY': 'keycloak client secret key',
    'TESTING': True,
    'DEBUG': True,
    'OIDC_CLIENT_SECRETS': resource_filename(__name__, 'client_secrets.json'),
    'OIDC_ID_TOKEN_COOKIE_SECURE': False,
    'OIDC_REQUIRE_VERIFIED_EMAIL': False,
    'OIDC_OPENID_REALM': '<realm name>',
    'OIDC_INTROSPECTION_AUTH_METHOD': 'client_secret_post',
    'OIDC_TOKEN_TYPE_HINT': 'access_token',
    # The only setting that matters for this issue
    'OVERWRITE_REDIRECT_URI': 'http://myappp:8000'
})

oidc.init_app(app)
```

If I access an endpoint such as https://myapp:8000/api/v1/myendpoint, then the user is upon authentication redirected to the above configured value of OVERWRITE_REDIRECT_URI. However, I'd like the redirection to be to the URI from which the request originated, i.e. https://myapp:8000/api/v1/myendpoint

Is it possible to assure that the user is redirected to the original page or not?

mwcm commented 5 years ago

Same issue here. Is it possible to avoid overwriting that original URI? It seems that the original URL is stripped, even without setting OVERWRITE_REDIRECT_URI.
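
One way to return a user to the originally requested page while the redirect URI stays fixed, as an added example that is not flask-oidc's code and not part of the thread above: the requested path travels in a signed OIDC `state` value and is honoured at the callback only if it is a path on the same application. The function names, the key and the CSRF token are assumptions made for the illustration.

```python
import base64, hashlib, hmac, json
from urllib.parse import urlsplit

def _sign(key: bytes, payload: bytes) -> bytes:
    return hmac.new(key, payload, hashlib.sha256).hexdigest().encode()

def make_state(key: bytes, csrf_token: str, destination: str) -> str:
    """Pack the CSRF token and the originally requested path into `state`."""
    body = json.dumps({"csrf": csrf_token, "dest": destination}).encode()
    payload = base64.urlsafe_b64encode(body)
    return payload.decode() + "." + _sign(key, payload).decode()

def is_safe_destination(dest: str) -> bool:
    """Accept only a path on this application, never another origin."""
    if not dest.startswith("/") or dest.startswith("//") or "\\" in dest:
        return False  # absolute URL, scheme-relative URL, or backslash trick
    if any(ord(c) < 0x20 for c in dest):
        return False  # control characters that URL parsers may strip
    parts = urlsplit(dest)
    return parts.scheme == "" and parts.netloc == ""

def resolve_destination(key: bytes, state: str, expected_csrf: str,
                        default: str = "/") -> str:
    """Return the path to redirect to after the callback, or `default`."""
    payload, _, sig = state.rpartition(".")
    if not payload or not hmac.compare_digest(
            sig.encode(), _sign(key, payload.encode())):
        return default  # missing or forged signature
    try:
        data = json.loads(base64.urlsafe_b64decode(payload))
    except ValueError:
        return default
    if not isinstance(data, dict):
        return default
    csrf = str(data.get("csrf", "")).encode()
    if not hmac.compare_digest(csrf, expected_csrf.encode()):
        return default  # state was not issued for this browser session
    dest = data.get("dest", "")
    ok = isinstance(dest, str) and is_safe_destination(dest)
    return dest if ok else default

if __name__ == "__main__":
    key = b"constructed-demo-key"  # constructed sample values
    state = make_state(key, "session-csrf", "/api/v1/myendpoint")
    print(resolve_destination(key, state, "session-csrf"))
```
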