boot-stateless-social icon indicating copy to clipboard operation
boot-stateless-social copied to clipboard

Published 20 hours ago verified publisher icon robbertvanwaveren

forcing HTTPS on "redirect_uri" oauth

Open fieder opened this issue 6 years ago • 0 comments

Hi Robert, We've implemented your example something very similar to http://blog.jdriven.com/2015/01/stateless-spring-security-part-3-jwt-social-authentication/

Facebook has recently forced HTTPS on its login.

Do you know where we should implement such modification so when SocialAuthenticationFilter executes redirect_uri is set to HTTPS?

Currently, regardless of the protocol in the browser, it always sends HTTP that is not allowed any more from 6th October: https://developers.facebook.com/blog/post/2018/06/08/enforce-https-facebook-login/

We are on

<spring-social-security>1.1.4.RELEASE</spring-social-security>

Thanks in advance.

fieder avatar Oct 17 '18 12:10 fieder