Incorrect Google auth redirect URL when using proxy
tomasj opened this issue · comments
Using docker-compose installation method, I've succesfuly installed confidant new instance. Confidant listens on port 1234 and URL confidant.mydomain.com is proxied to this port, works like a charm.
Problem is that after successful google login, user gets redirect to localhost:1234. Instead it should be redirected to confidant.mydomain.com or confidant.mydomain.com/v1/login.
It seems like there is no way to change this behavior. There used to be deprecated REDIRECT_URI
var, which aparently does nothing :-)
Relevant part of my env vars look like this:
- USER_AUTH_MODULE=google
- SAML_CONFIDANT_URL_ROOT=https://confidant.mydomain.com
- REDIRECT_URI=https://confidant.mydomain.com
- GOOGLE_OAUTH_CLIENT_ID=....apps.googleusercontent.com
- GOOGLE_OAUTH_CONSUMER_SECRET=...
- USER_EMAIL_SUFFIX=@mydomain.com
- AUTHOMATIC_SALT=...
Thank you Ryan, works great now!
For future reference, I just set bunch of forwarding headers in my NGINX config:
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host:$server_port;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://my-internal-hostname:1234/;