🐛 Bug Report: Invalid evaluation of oauth redirect_uri protocol in case of reverse proxy/http client #5545
Closed
2 tasks done
Labels:
bug (Something isn't working)
product / auth (Fixes and upgrades for the Appwrite Auth / Users / Teams services.)
👟 Reproduction steps
1. Create a web app and install the web SDK.
2. Access the app via a browser and invoke Account.createOAuth2Session("google", "...", "....") (make sure we are using http, not https).
👍 Expected behavior
Evaluation of the protocol is based on the API Endpoint, which is available in the Dashboard settings -> Overview -> API Credentials.
👎 Actual Behavior
TLDR: the redirect_uri passed to the provider starts with http:// instead of https://
After calling the createOAuth2Session method in the web SDK, in the account.php file we are creating the callback URL with the protocol of the request host, which can differ from the protocol which is used by the server.
I created a web app which uses the Appwrite web SDK. My web application is running on http://localhost:5173.
I deployed Appwrite on a VPS, and my domain supports the https protocol (I can connect via https to the dashboard, calls from the SDK are returning 401 error codes).
My client configuration (replaced my domain with example.com):
new Client().setEndpoint('https://appwrite.example.com/v1').setProject('12345');
I suspect it can be due to this line:
appwrite/app/controllers/api/account.php
Line 285 in 9534852
If the application is deployed behind a reverse proxy, the connection between the reverse proxy and Appwrite will be unencrypted, via http, so in this case the redirect_uri will always be invalid.
🎲 Appwrite version
Appwrite Cloud
💻 Operating system
Linux
🧱 Your Environment
No response
👀 Have you spent some time to check if this issue has been raised before?
🏢 Have you read the Code of Conduct?
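
The scheme mismatch described in this report, as an added example that is not Appwrite's code and not part of the original issue: it builds an OAuth callback URL once from the scheme of the proxy-to-backend hop and once from the public scheme. The function names, the `TRUSTED_PROXIES` list, the `/callback/` path and the sample request are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical allow-list: addresses of the TLS-terminating reverse proxy.
const TRUSTED_PROXIES = ['10.0.0.5'];

/** Scheme of the raw connection; "http" whenever TLS ends at the proxy. */
function requestScheme(array $server): string
{
    $https = strtolower((string) ($server['HTTPS'] ?? ''));
    return ($https !== '' && $https !== 'off') ? 'https' : 'http';
}

/** Public scheme: configured endpoint first, then a trusted proxy header. */
function publicScheme(array $server, ?string $endpoint): string
{
    $configured = strtolower((string) parse_url((string) $endpoint, PHP_URL_SCHEME));
    if (in_array($configured, ['http', 'https'], true)) {
        return $configured;
    }
    // X-Forwarded-Proto is client-controllable unless it comes from our proxy.
    $proto = strtolower(trim(explode(',', $server['HTTP_X_FORWARDED_PROTO'] ?? '')[0]));
    $fromProxy = in_array($server['REMOTE_ADDR'] ?? '', TRUSTED_PROXIES, true);
    if ($fromProxy && in_array($proto, ['http', 'https'], true)) {
        return $proto;
    }
    return requestScheme($server);
}

/** Placeholder callback path; the real route is not shown in the report. */
function callbackUrl(string $scheme, string $host, string $provider): string
{
    return sprintf('%s://%s/callback/%s', $scheme, $host, rawurlencode($provider));
}

// Constructed request: the client used https, the proxy forwarded plain http.
$server = [
    'HTTP_HOST' => 'appwrite.example.com',
    'REMOTE_ADDR' => '10.0.0.5',
    'HTTP_X_FORWARDED_PROTO' => 'https',
];
$host = $server['HTTP_HOST'];

// Behaviour described in the report: scheme taken from the proxy hop.
echo callbackUrl(requestScheme($server), $host, 'google'), PHP_EOL;
// Scheme taken from the configured API endpoint.
echo callbackUrl(publicScheme($server, 'https://appwrite.example.com/v1'), $host, 'google'), PHP_EOL;
// No endpoint configured and the header arrives from an untrusted address: ignored.
$server['REMOTE_ADDR'] = '203.0.113.9';
echo callbackUrl(publicScheme($server, null), $host, 'google'), PHP_EOL;
```

Because the OAuth provider compares redirect_uri against its registered value exactly, the first URL is rejected when only the https form is registered.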