Skip to content

Commit

Permalink
Make keycloak redirect to https not http (#1111)
Browse files Browse the repository at this point in the history 
* try again

* update

* Update authMiddleware.ts

* Update authMiddleware.ts

* format

* Update website/src/middleware/authMiddleware.ts

---------

Co-authored-by: Cornelius Roemer <cornelius.roemer@gmail.com>
  • Loading branch information
@theosanderson @corneliusroemer
theosanderson and corneliusroemer authored Feb 25, 2024
1 parent 5308c4a commit 27833ec
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 2 deletions.
2 changes: 2 additions & 0 deletions kubernetes/loculus/templates/keycloak-deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,8 @@ spec:
value: "admin"
- name: KC_PROXY
value: "edge"
- name: PROXY_ADDRESS_FORWARDING
value: "true"
- name: KC_HEALTH_ENABLED
value: "true"
# - name: KC_LOG_LEVEL
Expand Down
4 changes: 2 additions & 2 deletions website/src/middleware/authMiddleware.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ export async function getKeycloakClient() {

export const getAuthUrl = async (redirectUrl: string) => {
const authUrl = (await getKeycloakClient()).authorizationUrl({
redirect_uri: redirectUrl,
redirect_uri: redirectUrl.replace('http://', 'https://'),
scope: 'openid',
response_type: 'code',
});
Expand Down Expand Up @@ -306,7 +306,7 @@ function removeTokenCodeFromSearchParams(url: URL): string {
newUrl.searchParams.delete('session_state');
newUrl.searchParams.delete('iss');

return newUrl.toString();
return newUrl.toString().replace('http://', 'https://');
}

async function refreshTokenViaKeycloak(token: TokenCookie): Promise<TokenCookie | undefined> {
Expand Down

0 comments on commit 27833ec

Please sign in to comment.