Hi everyone,
I’m currently facing an issue with the Social Auth0 plugin for Google authentication on my Drupal site. The plugin automatically generates a redirect URL, but it is set to use http instead of https. Unfortunately, this field is grayed out in the admin UI, so I can’t modify it directly.
This misconfiguration likely occurred because the redirect URL was generated before I added a valid SSL certificate to the site. The site is now fully configured to use HTTPS with Let’s Encrypt, and I also have Cloudflare Flexible SSL enabled. However, since Google now enforces HTTPS for OAuth, authentication requests fail due to the incorrect http redirect URL.
The major challenge is that I already have thousands of users who signed up using Google. If I uninstall and reinstall the plugin to regenerate the redirect URL, it may risk breaking user authentication or losing the mappings between existing accounts and Google logins.
What I’ve Tried:
• Checking the admin settings: The redirect URL is read-only and cannot be updated directly.
• Ensuring the site properly handles HTTPS by verifying SSL and configuring Cloudflare.
My Question:
Is there a way to manually update the automatically generated redirect URL to use https without reinstalling the plugin or losing user data?
I appreciate any insights or guidance on resolving this safely. Thanks in advance!
Active
3.0
Code
That URL is only presented in a form field to make it easy to copy -- it is not actually a configuration element.
The URL is generated from the callback route and is based on the site by way of the UriHelper::getAbsolute function. From your description it sounds like you Drupal core $base_url value uses http.