Fails after redirect when using Cloudflared addon

Question

Fails after redirect when using Cloudflared addon

Closed this issue 10 months ago · 3 comments

TheOriginalMrWolf commented 10 months ago

Hi,

First - many thanks for publishing this addon! Certainly makes life easier getting guests to use my install.

Unfortunately, I'm running into an interesting issue when attempting to connect via Cloudflare tunnel. Hope you can help!

Configuration:

Home Assistant OS running on Raspberry Pi 4
using cloudflared addon for external access
install ha-auto-guest-login addon as per instructions
addon config:

guest_username: guest
guest_password: guest-password
guest_dashboard_path: dashboard-test
welcome_screen_delay_ms: 3000
welcome_screen_main_text: Thanks for Visiting
welcome_screen_secondary_text: Redirecting to Home Assistant...
advanced_internal_base_ha_url_and_port: http://my-homeassistant.local:8123
advanced_redirect_base_ha_url_and_port: https://my-hass.redacted.url:443

https://my-hass.redacted.url is the external URL which maps through to the internal http://my-homeassistant.local:8123
- connecting to this gives proper full access to HASS UI
http://my-homeassistant.local:8123 is the correct internal URL,
- HASS UI can be reached on this when on internal network without issue
https://my-guest.redacted.url is the external URL which is mapped through to http://my-homeassistant.local:8675
- connecting to this correctly gives the addon initial welcome page
Once connected to https://my-guest.redacted.url we see the initial welcome page & are then redirected (as per log below)
Redirected page gives HA icon & "Unable to connect to Home Assistant. Retrying in xx seconds..." error
- looking at browser console I can see that the browser is correctly starting to load the HASS UI, however I see Uncaught (in promise) exception

Promise.then (async)
(anonymous) @ core.ts (112)
(anonymous) @ core-iXwZTYzGWuY.js

Interestingly, if I just use the base URL provided in the redirect (ie, just remove the ?auth_callback... etc part), then I am presented with HASS normal login & subsequently provided the appropriate dashboard

Addon log:

posted ha_auto_login_guest_logged_in event
recieved request from: http://my-guest.redacted.url
using internal url: http://my-homeassistant.local:8123
using redirect baseUrl: https://my-hass.redacted.url:443
using clientId: https://my-hass.redacted.url:443/
fetching flowId
	url: http://my-homeassistant.local:8123/auth/login_flow
	redirectUri: https://my-hass.redacted.url:443?auth_callback=1
flowId: f60b8cba717d3c9a4b737b4c9f64b724
fetching code
	url: http://my-homeassistant.local:8123/auth/login_flow/f60b8cba717d3c9a4b737b4c9f64b724
code: 54d5ae8d99c9461783cd25c150be6cce
sending redirect uri to client
	redirectUri: https://my-hass.redacted.url:443/dashboard-test?auth_callback=1&code=54d5ae8d99c9461783cd25c150be6cce&state=eyJoYXNzVXJsIjoiaHR0cHM6Ly9jYnItaGFzcy5ib3JnLWN1LmJlOjQ0MyIsImNsaWVudElkIjoiaHR0cHM6Ly9jYnItaGFzcy5ib3JnLWN1LmJlOjQ0My8ifQ%3D%3D&storeToken=true

Any hints as to where I might be going wrong?

Thanks!!

Answer 1 · 2023-11-05T03:12:13.000Z

Ah, I think I fixed a bug similar to this for the default URL, but not when specifying your own redirect URL. HA recently changed their auth such that if you specify one of the default http(s) ports (80, 443) in the clientId, then it errors out in that way when executing the login.

So I bet setting your advanced_redirect_base_ha_url_and_port to https://my-hass.redacted.url will fix your problem.

Like I alluded to, I made changes to take care of this for you if you don't use the advanced settings. I think maybe I should update the docs to say not to specify those ports in the advanced settings.

Let me know if that works!

Answer 2 · 2023-11-05T03:31:27.000Z

Worked perfectly, thanks @cnorick!

Answer 3 · 2023-11-05T13:36:03.000Z

Awesome! Glad that fixed it for you