Comments (8)
Have you added https://service.domain.com/_oauth in the Google Oauth Console?
from traefik-forward-auth.
I did but the calling url is http and not https.
Do you know why ? Maybe a missing header
from traefik-forward-auth.
Sorry I'm not following you, in your example all the URL's had https at the start, so I can't see an issue with that.
Could you give an example request flow?
from traefik-forward-auth.
Sure, I'm call my service with https then I'm redirected to google auth screen but I get a 400 error with the message : the redirect URI in the request, http://service.domain.com/_oauth, does not match the ones authorized for the OAuth client.
I did a wrong copy paste in my initial post. The _oauth url is called with http instead of https.
from traefik-forward-auth.
Hmm, are you sure your first request is https? If it is, are you being redirected to http before being redirected to google? (You will have to watch your request log in your browser to check).
from traefik-forward-auth.
I'm pretty sure but I'm doing ssl offloading through haproxy maybe the issue comes from that.
from traefik-forward-auth.
Yep, that will be the issue - the way this tool works at the moment is to look at the protocol of the request as received by traefik.
I could look at a way to override this in the future but unfortunately this wouldn't be a quick fix for me
from traefik-forward-auth.
from traefik-forward-auth.
Related Issues (20)
- Feature request: Pull information about groups of user HOT 1
- How to check for token revocation?
- Safe deployment HOT 1
- multiple whitelist users in rules doesn't work HOT 1
- go-compiler Multiple Vulnerabilities
- whitelist rule not working with arm64 images or images <= 2.2
- Invalid Cookie should point to a recoverable state
- oidc: issuer did not match the issuer returned by provider HOT 2
- oidc: id token signed with unsupported algorithm, expected ["RS256"] got "ES384" HOT 2
- 404 not found after Successful Sign in HOT 2
- Endless loop when using OIDC (cognito) as provider ERR_TOO_MANY_REDIRECTS HOT 3
- Missing Binary Files (and Instructions)
- Device code flow support
- Whitelist is case sensitive
- Getting this error when trying to install via truecharts HOT 1
- Trim the whitelisted emails
- Dockerfile not working anymore and no dockerhub update HOT 1
- Whitelist requester's IP CIDR HOT 1
- Trusted IP's broken...?
- Rules to allow api access match but doesn't redirect HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from traefik-forward-auth.