Update protocol for redirect_uri in openid strategy to work for reverse proxies

2025-02-19 00:18:56 +01:00 · 2023-11-19 13:38:09 -06:00 · 2023-11-19 13:38:09 -06:00 · dcbfc963c1
commit dcbfc963c1
parent 89eb857c14
1 changed files with 2 additions and 1 deletions
--- a/server/Auth.js
+++ b/server/Auth.js
@ -282,7 +282,8 @@ class Auth {
        // We need to call the client manually, because the strategy does not support forwarding the code challenge
        //    for API or mobile clients
        const oidcStrategy = passport._strategy('openid-client')
-        oidcStrategy._params.redirect_uri = new URL(`${req.protocol}://${req.get('host')}/auth/openid/callback`).toString()
+        const protocol = req.secure ? 'https' : 'http'
+        oidcStrategy._params.redirect_uri = new URL(`${protocol}://${req.get('host')}/auth/openid/callback`).toString()
        const client = oidcStrategy._client
        const sessionKey = oidcStrategy._key