- 🇪🇬Egypt Mahmoud Helmy
Thank you @dpacassi we just need to add `'https' => TRUE` to allow https
- 🇦🇷Argentina mariano.tribuj
This fix works on 3.0.0.alpha2 and enforces HTTPS on redirect URLs.
When selecting clients in /admin/config/services/openid-connect, we can notice that Redirect URL is set to unsecured URL. Our site is configured and accessible with secured routes meaning all links starting with https will only work.
But say we select generic as client:
Redirect URL
http://sitename/openid-connect/generic
Client ID
testclient
Client secret
<clientsecret>
Authorization endpoint
https://sitename/auth/realms/master/protocol/openid-connect/auth
Token endpoint
https://sitename/auth/realms/master/protocol/openid-connect/token
UserInfo endpoint
https://sitename/auth/realms/master/protocol/openid-connect/userinfo
All other options can be modified except the Redirect URL that is set to a default value. How can I change that so I can use secured URL.
I found this portion of code from /src/Plugin/OpenIDConnectClientBase.php that might be displaying the Redirect URL value.
public function buildConfigurationForm(array $form, FormStateInterface $form_state) {
$redirect_url = URL::fromRoute(
'openid_connect.redirect_controller_redirect',
[
'client_name' => $this->pluginId,
],
[
'absolute' => TRUE,
]
);
$form['redirect_url'] = [
'#title' => $this->t('Redirect URL'),
'#type' => 'item',
'#markup' => $redirect_url->toString(),
];Fixed
3.0
Code
Not all content is available!
It's likely this issue predates Contrib.social: some issue and comment data are missing.
Thank you @dpacassi we just need to add `'https' => TRUE` to allow https
This fix works on 3.0.0.alpha2 and enforces HTTPS on redirect URLs.