V 1.0.6 does not respect HTTPS protocol when forwarded from a proxy.

verdan / flaskoidc

A wrapper of Flask with pre-configured OIDC support

Apache License 2.0

52 stars 35 forks source link

V 1.0.6 does not respect HTTPS protocol when forwarded from a proxy. #26

Closed delwaterman closed 2 years ago

delwaterman commented 2 years ago

We are using Amundsen with OIDC but have SSL terminated on an ingress(nginx) that sits in front of the servers. We run gunicorn and pass the option --forwarded-allow-ips * to enable gunicorn to know that the original request used https. This worked correctly for version 1.0.4. When we upgrade to version 1.0.6, the redirects were to http not to https.

Please let us know if you need more information.

verdan commented 2 years ago

@delwaterman can you please try to set the following config https://github.com/verdan/flaskoidc#flask_oidc_force_scheme and see if this solves your issue. There were some problems with the older implementation of HTTP schemes, hence we introduced the force mechanism.

delwaterman commented 2 years ago

Just tested the fix and it works correctly. Thank you.