oauth2_proxy user-configured redirect URL clobbered in oauthproxy.go

user-configured redirect URL clobbered in oauthproxy.go

Open dt-rush opened this issue 7 years ago • 5 comments

see line 55 of oauthproxy.go (link)

We literally overwrite whatever the value is with fmt.Sprintf("%s/callback", opts.ProxyPrefix) even if the user provided a redirect URL they want to use.

Dec 06 '18 01:12 dt-rush

This PR will be sent to pusher's fork since this repo is abandoned by bitly ( see #628 )

Dec 06 '18 16:12 dt-rush

I think the reason for the current behavior, is to allow the option to set the scheme://domain, but the path should be known by oauth2_proxy pretty well, so it overwrites just the path.

Dec 06 '18 23:12 ploxiln

(agreed it's a odd to ignore the path in the option, maybe it's trying to silently fix mistakes in a manually set callback url path)

Dec 06 '18 23:12 ploxiln

As far as I see it, the user specifying a callback URL should specify the callback URL, not the callback scheme://domain.

Dec 07 '18 20:12 dt-rush

Actually there are more problems here in any case. OAuthCallbackPath is used to handle the callback, not RedirectURL... these are supposed to mean the same thing.

Dec 08 '18 01:12 dt-rush

oauth2_proxy oauth2_proxy copied to clipboard

user-configured redirect URL clobbered in oauthproxy.go

oauth2_proxy
oauth2_proxy copied to clipboard