AuthHost setting not being used #352
nakermann1973
started this conversation in
General
Replies: 1 comment
-
Taking a quick look at the code, I think the problem is coming from traefik-forward-auth/internal/auth.go Line 159 in c4317b7 config.AuthHost is in one domain (auth.my.first.domain ), and my request is to the second domain (whoami2.my.second.domain ). Both of these are in my cookiedomains, but the code checks if authHost and reqHost match, which they don't.
If I change L159 to |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
I am trying to understand why my config which sets auth-host is not actually using my auth-host. On startup, my docker container logs the following (my domains obfuscated):
All my sites mentioned below are successfully accessible using tls.
I have two sites:
whoami.my.second.domain
successfully prompts for google authentication, and after logging in,X-Forwarded-User
is set correctly.whoami2.my.second.domain
loads a google authentication error "Access blocked: This app’s request is invalid. Error 400: redirect_uri_mismatch.https://whoami.my.second.domain/_oauth
andhttps://auth.my.first.domain/_oauth
are listed in "Authorised redirect URIs" in my oauth2 client id, buthttps://whoami2.my.second.domain/_oauth
is not.When I run
curl -i https://whoami.my.second.domain
, the redirect location URI containsredirect_uri=https%3A%2F%2Fwhoami.my.second.domain%2F_oauth
When I run
curl -i https://whoami2.my.second.domain
, the redirect location URI containsredirect_uri=https%3A%2F%2Fwhoami2.my.second.domain%2F_oauth
I understand why
https://whoami.my.second.domain
is successful, since it is listed as an authorised redirect URI andwhoami2
is not. What I don't understand is why it is not usingauth.my.first.domain
in the redirect URI , and using my configured auth-hostBeta Was this translation helpful? Give feedback.
All reactions