pwielgolaski / teamcity-oauth

teamcity oauth2 authentication plugin
Apache License 2.0

Callback URL needs to use HTTPS for Google provider #36

Closed (woodie closed 3 years ago)

woodie commented 3 years ago

I've configured Apache with Let's Encrypt and certbot so everything is working, described here, with a virtual host on port 443, but the callback still wants to report that it's using HTTP on port 8111. Seems like the issue is with properties.getRootUrl().

Google OAuth — Authorization Error

If you’re the app developer, make sure that these request details comply with Google policies.
redirect_uri: http://teamcity.mydomain.com:8111

Should be redirect_uri: https://teamcity.mydomain.com

https://accounts.google.com/o/oauth2/v2/auth ?
  response_type=code &
  client_id=NOT_SHOWN &
  state=NOT_SHOWN &
  redirect_uri=http://teamcity.mydomain.com:8111 &
  scope=profile email

Also, I hid the original login form, so now I'm locked out. Where can I change this setting in the database?

woodie commented 3 years ago

I got a response from JetBrains:

Hi, could you please open the Administration -> Global Settings page?
What do you see there in the Server URL: field?

Working perfectly now, but I had to drop the database to get back in. The setup process should be:

  1. Get HTTPS configured and working properly.
  2. Update the external Server URL on Administration -> Global Settings.
  3. Upload the teamcity-oauth-x.x.x.zip file on Administration -> Plugins.
  4. Enable HTTP-OAUTH.v2 on Administration -> Authentication.
    • Check Allow creating new users on the first login
    • Enter the Client ID, Client Secret, Scope and Email Domain.
    • DO NOT check Hide login form yet.
    • DO NOT log out as admin just yet.
  5. Log in with OAuth as your GSuite user in a new incognito browser.
  6. Return to the admin browser session.
  7. Make your GSuite user an administrator on Administration -> Users.
  8. Check Hide login form on Administration -> Authentication -> HTTP-OAUTH.v2 -> Edit.
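
The mismatch reported in this issue can be checked at step 5, before the login form is hidden. This is an added example, not part of the original thread or the plugin's code: it parses the authorization request the browser is sent to and compares its redirect_uri with the external Server URL. The function name `redirect_uri_problems` is hypothetical, the sample URL is the one from the issue joined onto one line, and the loopback exemption reflects Google's HTTPS rule for redirect URIs.

```python
from urllib.parse import urlsplit, parse_qs

# Constructed sample: the authorization request quoted in the issue, on one line.
SAMPLE_AUTH_URL = (
    "https://accounts.google.com/o/oauth2/v2/auth"
    "?response_type=code&client_id=NOT_SHOWN&state=NOT_SHOWN"
    "&redirect_uri=http://teamcity.mydomain.com:8111&scope=profile%20email"
)

# Google exempts loopback hosts from the HTTPS requirement for redirect URIs.
LOOPBACK_HOSTS = {"localhost", "127.0.0.1", "::1"}
DEFAULT_PORTS = {"http": 80, "https": 443}


def _port(parts):
    """Explicit port if present, otherwise the scheme's default."""
    return parts.port or DEFAULT_PORTS.get(parts.scheme)


def redirect_uri_problems(auth_url, expected_root):
    """Return reasons the redirect_uri in auth_url does not match expected_root.

    expected_root is the external Server URL from Administration -> Global Settings.
    An empty list means the callback matches what the proxy actually serves.
    """
    values = parse_qs(urlsplit(auth_url).query).get("redirect_uri", [])
    if len(values) != 1:
        return ["expected exactly one redirect_uri, found %d" % len(values)]

    sent, want = urlsplit(values[0]), urlsplit(expected_root)
    problems = []
    if sent.scheme != "https" and sent.hostname not in LOOPBACK_HOSTS:
        problems.append("scheme is %r, provider requires https" % sent.scheme)
    if sent.hostname != want.hostname:
        problems.append("host %r differs from %r" % (sent.hostname, want.hostname))
    if _port(sent) != _port(want):
        problems.append("port %s differs from %s" % (_port(sent), _port(want)))
    return problems


if __name__ == "__main__":
    for line in redirect_uri_problems(SAMPLE_AUTH_URL, "https://teamcity.mydomain.com"):
        print("redirect_uri:", line)
```

A non-empty result at step 5 means the Server URL from step 2 is still the internal address, so the original login form should stay visible until it is corrected.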