From dcbfc963c1190193acb89bfa48e5181d0cff1371 Mon Sep 17 00:00:00 2001
From: advplyr <advplyr@protonmail.com>
Date: Sun, 19 Nov 2023 13:38:09 -0600
Subject: [PATCH] Update protocol for redirect_uri in openid strategy to work
 for reverse proxies

---
 server/Auth.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/server/Auth.js b/server/Auth.js
index 261c0854..a0f791ca 100644
--- a/server/Auth.js
+++ b/server/Auth.js
@@ -282,7 +282,8 @@ class Auth {
         // We need to call the client manually, because the strategy does not support forwarding the code challenge
         //    for API or mobile clients
         const oidcStrategy = passport._strategy('openid-client')
-        oidcStrategy._params.redirect_uri = new URL(`${req.protocol}://${req.get('host')}/auth/openid/callback`).toString()
+        const protocol = req.secure ? 'https' : 'http'
+        oidcStrategy._params.redirect_uri = new URL(`${protocol}://${req.get('host')}/auth/openid/callback`).toString()
         const client = oidcStrategy._client
         const sessionKey = oidcStrategy._key