omniauth_openid_connect icon indicating copy to clipboard operation
omniauth_openid_connect copied to clipboard
verified publisher icon omniauth

https_proxy ignored for `token_endpoint` connections

Open Foorack opened this issue 1 year ago • 1 comments

I believe the Omniauth_openid_connect library bypasses https_proxy env variable when contacting e.g. token_endpoint.

Output of ::OpenIDConnect.http_client in Rails console show that Faraday is aware of the Proxy, and no "noproxy" sites are set.

Foorack avatar Sep 03 '24 13:09 Foorack

I think this gem just calls ::OpenIDConnect::Client.new(client_options), which ends up creating Rack::OAuth2.http_client: https://github.com/nov/rack-oauth2/blob/2aedad5d7bfd6b28d29075f3a1a7d411d11a378a/lib/rack/oauth2.rb#L44-L52

I'm not sure how https_proxy would be bypassed here.

stanhu avatar Sep 10 '24 18:09 stanhu