Redirect URI wrong Protocol
Okay, getting further this time around. I almost could get in past
OIDC but homarr's auth is building my redirect_uri as http not https. I tried with / without NEXTAUTH_URL variable set (maybe dep at this point, but didnt make any diff). Authelia is obviously rejecting it, and i can't add http rules as they are insecure. It looks like the new version works with 256 PKCE too. I run homarr as a reverse proxied service in that authelia.
looks like it's created with the headers, which may explain it. https://github.com/homarr-labs/homarr/blob/3b7e6cc083220a0e3a0cf4f5243c073067ba5bc7/packages/auth/redirect.ts#L11C14-L11C31 ..
Edit.. : https://github.com/homarr-labs/homarr/blob/3b7e6cc083220a0e3a0cf4f5243c073067ba5bc7/packages/common/src/url.ts#L7
This works 100% fine in the old version.4 Replies
Thank you for submitting a support request.
Depending on the volume of requests, our team should get in contact with you shortly.
⚠️ Please include the following details in your post or we may reject your request without further comment: - Log (See https://homarr.dev/docs/community/faq#how-do-i-open-the-console--log) - Operating system (Unraid, TrueNAS, Ubuntu, ...) - Exact Homarr version (eg. 0.15.0, not latest) - Configuration (eg. docker-compose, screenshot or similar. Use ``your-text`` to format) - Other relevant information (eg. your devices, your browser, ...)
❓ Frequently Asked Questions | Homarr documentation
Can I install Homarr on a Raspberry Pi?
Tried to send send the headers as all lower case.. edit.. no dice. Maybe there should just be an option to override this? I'm also seeing
Partitioned cookie or storage access was provided to in my browser ... like process.env.force_http_proto || {proto} would fix this ... stuck here, & rolled back for nowDebian... docker,
beta branch tag... docker-compose... with AUTH_OIDC_ISSUER: https://auth.${DOMAIN_NAME} and all associated fields.. edit: verified the beta is the right version and the checker is wrong, maybe an actions issue thereNote for me: Test
req.nextUrl.protocol and req.connection.encrypted