extern/audiobookshelf
1
0
Fork 0
mirror of https://github.com/advplyr/audiobookshelf.git synced 2025-03-22 03:18:21 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update oidc redirect_uri to check x-forwarded-proto header for proxies

Browse Source
This commit is contained in:
advplyr 2023-11-19 14:00:39 -06:00
parent a0f137936d
commit aa933df525
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
server/Auth.js
View File

@ -282,8 +282,9 @@ class Auth {
// We need to call the client manually, because the strategy does not support forwarding the code challenge // We need to call the client manually, because the strategy does not support forwarding the code challenge
// for API or mobile clients // for API or mobile clients
const oidcStrategy = passport._strategy('openid-client') const oidcStrategy = passport._strategy('openid-client')
const protocol = req.secure ? 'https' : 'http' const protocol = (req.secure || req.get('x-forwarded-proto') === 'https') ? 'https' : 'http'
oidcStrategy._params.redirect_uri = new URL(`${protocol}://${req.get('host')}/auth/openid/callback`).toString() oidcStrategy._params.redirect_uri = new URL(`${protocol}://${req.get('host')}/auth/openid/callback`).toString()
Logger.debug(`[Auth] Set oidc redirect_uri=${oidcStrategy._params.redirect_uri}`)
const client = oidcStrategy._client const client = oidcStrategy._client
const sessionKey = oidcStrategy._key const sessionKey = oidcStrategy._key