Use httpS callback URL for Okat auth system


#1

Hi,

we are trying to use shinyproxy with an okta auth system.
Everything seems to be going well except for the very last steps, the callback URL is http://(your-shinyproxy-url)/login/oauth2/code/shinyproxy but we haven an error because our okta system doesn’t allow a redirection on a non-httpS URL.
How an we force shinyproxy to use httpS://(your-shinyproxy-url)/login/oauth2/code/shinyproxy as callback URL ?

Regards


#2

Hi @VincentGuyader,

Do you have a proxy (nginx maybe) in place that terminates ssl?
If this is the case, shinyproxy receives http requests and assumes the redirect must also be http.
To make it clear that the original request was https, add the following setting to your application.yml:

server:
  useForwardHeaders: true 

In this case, the header X-Forwarded-Proto will be inspected to figure out if http or https was used.