OmniAuth using wrong callback port in a reverse proxy setup
https://stackoverflow.com/questions/6803307
-
25-10-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I have a Rails app running on port 3101 and I made it available to the internet through an Apache reverse-proxy setup (like the one suggested by Phusion on this blog post.
I'm using Devise + OmniAuth to handle the Facebook authentication.
But when I try to authenticate via Facebook, I'm redirected to the url: http://mydomain.com:3101/my_callback_path
I start the rails app with passenger start -a 127.0.0.1 -p 3101 -d and my Apache setup is:
<VirtualHost *:80>
ServerName mydomain.com
PassengerEnabled off
ProxyPass / http://127.0.0.1:3101/
ProxyPassReverse / http://127.0.0.1:3101
ProxyRequests Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
</VirtualHost>
I've found some answers like this and this but they all are intended to Nginx setups.
I've tried to use an initializer with OmniAuth.config.full_host = 'http://my domain.com' but I'm wondering if there`s not a missing configuration in my apache setup (like the previous answers).
Thanks in advance.
Solution
I had a look into the OmniAuth source and found out that the callback mechanism internally uses a method named full_host that looks up the configuration variable and then builds the first part of the URI - have a look at oa-core-0.2.6/lib/omniauth/strategy.rb
The configuration variable can be a String (as in your case), or a Proc, or nil (or anything else). In the latter case, the request URI is parsed, chopped, and returned.
I think that we can't solve our common problem by just setting an environment variable in Apache (this probably should be done at a lower level, inside the ruby application stack), but after some experimentation I've found this works well enough for me:
OmniAuth.config.full_host = lambda do |env|
scheme = env['rack.url_scheme']
local_host = env['HTTP_HOST']
forwarded_host = env['HTTP_X_FORWARDED_HOST']
forwarded_host.blank? ? "#{scheme}://#{local_host}" : "#{scheme}://#{forwarded_host}"
end
OTHER TIPS
I had the same issue. It was solved by setting
**proxy_set_header Host <proxy-domain-name>;**
location / {
proxy_pass http://127.0.0.1:3000;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
proxy_redirect off;
proxy_buffering off;
proxy_set_header Host <domain name>;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
Regarding facebook redirect issue, I spent some time investigating the value of the actual url it was redirecting the callback to, so I had to fix that in nginx conf. For finding that out, look at the url in the link and see the value of "redirect_uri" GET variable value instead of focusing on the error it sent on the main page.
