-
-
Notifications
You must be signed in to change notification settings - Fork 99
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Redirect URI changes from https to http #303
Comments
@HiralBarot1512 can you include the full error and the logs? It's also a good idea for you to debug the application and library to see why exactly that URI mismatch error is being raised. You can do so by dropping a |
@tim-schilling @HiralBarot1512 Any updates on this? I've been looking for a solution for a few days now without a way to fix the problem. It looks like the REDIR_URI setting is deprecated and no longer available. I see there's discussion of adding it back, but I don't see it in the main branch yet. One thing to note is I only experience this issue with asgi / uvicorn. No issue with wsgi. |
Hi @alex-atkins, no there isn't. If you'd like to help move things along, can you please go through the flow and include the full error and logs as I asked Hiral to do here: #303 (comment) If you can identify where and why things aren't lining up or create a minimal reproducible example, that can help move everyone forward. |
@tim-schilling I have django-auth-adfs logs set to debug and there are not errors related to this. I don't see any gunicorn errors either. The only error is the one directly from Azure which, is the same reference in these other issues: #330 #327 I have all the recommended settings for django and nginx:
nginx.conf
I'm open to debugging suggestions, but the issue only occurs when deployed to a server and not localhost, since localhost is http. This has made debugging rather difficult. The error from Azure's side is pretty clear, I only have https endpoints allowed and it's receiving an http redirect from my server. When django-auth-adfs sets the redirect_uri in the Repsonse Headers it is HTTP instead of HTTPS. For some reason the settings telling it to use HTTPS only are not being respected. Azure Error: |
Have you confirmed that's in the payload that's being sent to Azure? |
@tim-schilling Looks like this was a classic case of user error. I'd been doing something weird with how I was loading my environment settings and for some reason it worked on WSGI, but with ASGI it didn't. Essentially the SSL settings above were not actually being set. My apologies! Thank you all for making an awesome package 💯 |
Glad you found your solution! Thank you for the kind words and patience. Closing the issue for staleness |
I followed this tutorial https://django-auth-adfs.readthedocs.io/en/latest/azure_ad_config_guide.html#step-3-register-and-configure-an-azure-ad-frontend-application and everything is set as per that, but when i try to login i am seeing URI mismatch error and cause for that is i can see http instead of https in redirect_uri. I also tried passing
AUTH_ADFS = {
....
'REDIR_URI': 'https://abc.com'
...
}
but its not working even after this too. I tried setting up all these one by one but no luck.
SECURE_SSL_REDIRECT = True
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
USE_X_FORWARDED_HOST = True
USE_X_FORWARDED_PORT = True
Any help would be appreciated.
Thanks
Upvote & Fund
The text was updated successfully, but these errors were encountered: