peppermint
peppermint copied to clipboard
Peppermint-Lab
Peppermint OIDC always using http instead of https and getting 301
In Authentication Settings for OIDC Issuer: https://auth.mydomain.com/realms/main Client ID: Peppermint
When trying to login, Peppermint throughs and account not found. It would be nice if Peppermint did NOT ignore the https in the Issuer field or properly handle the 301. The get request result:
{"success":false,"error":"OIDC callback error","details":"expected 200 OK, got: 301 Moved Permanently"}
This is because Peppermint is always assuming http instead of using https as specified and is breaking when my nginx instance in front of keycloak redirects http to https, but Peppermint improperly handles this and throughs that error. In the Docker logs, you can see that Peppermint is contacting http://auth.mydomain.com instead of https://auth.mydomain.com:
2024/10/29 06:41PM 30 pid=145 hostname=REDACTED reqId=req-fy req={"method":"GET","url":"/api/v1/auth/oidc/callback?state=Nunm-kCO13YzpgxtZ7AuOug_EcRpTb6FP-1Quenl56U&code=REDACTED&session_state=REDACTED&iss=http%3A%2F%2Fauth.mydomain.com%2Frealms%2Fmain","hostname":"localhost:5003","remoteAddress":"127.0.0.1","remotePort":58836} msg=incoming request
Authentication error: OPError: expected 200 OK, got: 301 Moved Permanently
at processResponse (/apps/api/node_modules/openid-client/lib/helpers/process_response.js:41:11)
at Client.grant (/apps/api/node_modules/openid-client/lib/client.js:1381:22)
at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
at async Client.callback (/apps/api/node_modules/openid-client/lib/client.js:520:24)
at async Object.<anonymous> (/apps/api/dist/controllers/auth.js:383:26) {
error: 'expected 200 OK, got: 301 Moved Permanently'
}
