When deploying to radix, oauth authentication fails with incorrect redirect uri
Closed this issue · 1 comments
When deploying an app on radix, the generated auth urls start with http instead of https. This causes oauth to fail, since the redirect will not match any redirect url specified on Azure AD.
This can not be resolved by adding the http-prefixed redirect url to AAD, since http-prefixed redirect urls are only allowed for localhost.
The issue seems to be related to the proxy setup on radix. A workaround for the issue is mentioned on the flask docs. By adding a app.server.wsgi_app = ProxyFix(app.server.wsgi_app, x_proto=1, x_host=1) in any plugin's __init__, the issue gets resolved for my purpose.
It is not clear to me if that is something that would work as a general fix, however. Flask warns against using this in a non-proxy setting, so it is not clear if it can be used as a general solution.