fix(auth): oidc redirect does not respect https protocol (#1763)

2024-12-24 14:15:34 +01:00
parent e220087e96
commit 0336803550
5 changed files with 20 additions and 7 deletions
--- a/packages/auth/providers/oidc/oidc-provider.ts
+++ b/packages/auth/providers/oidc/oidc-provider.ts
@@ -23,7 +23,8 @@ export const OidcProvider = (headers: ReadonlyHeaders | null): OIDCConfig<Profil
  authorization: {
    params: {
      scope: env.AUTH_OIDC_SCOPE_OVERWRITE,
-      redirect_uri: createRedirectUri(headers, "/api/auth/callback/oidc"),
+      // We fallback to https as generally oidc providers require https
+      redirect_uri: createRedirectUri(headers, "/api/auth/callback/oidc", "https"),
    },
  },
  profile(profile) {