irida icon indicating copy to clipboard operation
irida copied to clipboard

Published 20 hours ago verified publisher icon phac-nml

REST API cannot handle http redirects

Open apetkau opened this issue 5 years ago • 1 comments

Describe the bug

Some IRIDA installations have http redirected to https. While this works in the browser, it looks like the REST API does not handle these situations and fails.

Steps to reproduce the problem

  1. Setup IRIDA so that it is behind a reverse proxy (e.g., Apache or nginx).
  2. Redirect http requests from one location to another (e.g, http -> https).
  3. Try accessing IRIDA web from http, should work.
  4. The REST API will not work.

Expected behaviour

I expected the REST API to be able to handle http redirects.

Additional context

None.

apetkau avatar May 31 '19 19:05 apetkau

I tried installing both NGINX and Apache2 locally. Tested with browser, curl, and Postman. As the logs show below, both work as expected:

NGINX

==> /var/log/nginx/reverse-access.log <== ::1 - - [30/Apr/2021:13:22:03 -0500] "POST /api/oauth/token?client_id=testClient&client_secret=testClientSecret&grant_type=password&username=admin&password=password1 HTTP/1.1" 301 178 "-" "PostmanRuntime/7.26.8"

==> /var/log/nginx/ssl-reverse-access.log <== 127.0.0.1 - - [30/Apr/2021:13:22:03 -0500] "GET /api/oauth/token?client_id=testClient&client_secret=testClientSecret&grant_type=password&username=admin&password=password1 HTTP/1.1" 200 128 "http://localhost/api/oauth/token?client_id=testClient&client_secret=testClientSecret&grant_type=password&username=admin&password=password1" "PostmanRuntime/7.26.8"

APACHE2

==> /var/log/apache2/irida_access.log <== ::1 - - [30/Apr/2021:09:48:25 -0500] "POST /api/oauth/token?client_id=testClient&client_secret=testClientSecret&grant_type=password&username=admin&password=password1 HTTP/1.1" 301 739 "-" "PostmanRuntime/7.26.8"

==> /var/log/apache2/irida_access_ssl.log <== 127.0.0.1 - - [30/Apr/2021:09:48:25 -0500] "GET /api/oauth/token?client_id=testClient&client_secret=testClientSecret&grant_type=password&username=admin&password=password1 HTTP/1.1" 200 1003 "http://localhost/api/oauth/token?client_id=testClient&client_secret=testClientSecret&grant_type=password&username=admin&password=password1" "PostmanRuntime/7.26.8"

ksierks avatar Apr 30 '21 18:04 ksierks