rayluo / identity

This is an authentication/authorization library optimized for web apps. It provides some higher level APIs built on top of Microsoft's MSAL Python. Read its documentation here: https://identity-library.readthedocs.io
MIT License

Error managing the "script_root" part of original requested URL on the redirect after login #39

Open ralcini opened 14 hours ago

ralcini commented 14 hours ago

When Flask is configured to run behind a reverse proxy and is mounted at a specific root path, we need to configure the APPLICATION_ROOT.

You can examine the URL through several Request fields:

Imagine your application is listening on the following application root:

http://www.example.com/myapplication

And a user requests the following URI:

http://www.example.com/myapplication/foo/page.html?x=y

In this case the values of the above mentioned attributes would be the following:

path             /foo/page.html
full_path        /foo/page.html?x=y
script_root      /myapplication
base_url         http://www.example.com/myapplication/foo/page.html
url              http://www.example.com/myapplication/foo/page.html?x=y
url_root         http://www.example.com/myapplication/

The issue is that the script_root is not evaluated during the redirect made in pallet.py when determining next_link, and after the login we are redirected to a path that is missing the script_root path, causing an error.
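An added example, not part of the issue and not the library's own code: a standard-library sketch of how a post-login link built only from the path loses the mount prefix, next to one that prepends the WSGI `SCRIPT_NAME` (what Flask exposes as `script_root`). The function names and the constructed environ are assumptions made for illustration.

```python
from urllib.parse import quote


def make_environ(script_name, path_info, query=""):
    """Constructed WSGI environ for an app mounted at script_name."""
    return {
        "HTTP_HOST": "www.example.com",
        "SCRIPT_NAME": script_name,   # mount point, e.g. /myapplication
        "PATH_INFO": path_info,       # path relative to the mount point
        "QUERY_STRING": query,
    }


def relative_target(environ):
    """Path plus query string, relative to the mount point."""
    path = quote(environ.get("PATH_INFO", "") or "/")
    query = environ.get("QUERY_STRING", "")
    return f"{path}?{query}" if query else path


def next_link_path_only(environ):
    """Behaviour described in the issue: the mount prefix is dropped."""
    return relative_target(environ)


def next_link_with_script_root(environ):
    """Prepend the mount prefix so the redirect stays inside the app."""
    root = environ.get("SCRIPT_NAME", "").rstrip("/")
    return quote(root) + relative_target(environ)


def stays_under_mount(link, environ):
    """Regression check: a next link must live under the mount point."""
    root = environ.get("SCRIPT_NAME", "").rstrip("/")
    return link.startswith(quote(root) + "/")


if __name__ == "__main__":
    env = make_environ("/myapplication", "/foo/page.html", "x=y")
    for build in (next_link_path_only, next_link_with_script_root):
        link = build(env)
        print(f"{build.__name__}: {link} under_mount={stays_under_mount(link, env)}")
```

When the app is mounted at the server root, `SCRIPT_NAME` is empty and both functions return the same link, which is why the problem only shows up behind a prefixed mount.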