Solara•2y ago•

36 replies

Force solara to use https in redirect uris

Using Chrome's Dev Tools, I observed the following network requests after clicking the login button in my application:

Initial Login Request:

https://example.com/_solara/auth/login?redirect_uri=https%3A//example.com/return_to_path

https://example.com/_solara/auth/login?redirect_uri=https%3A//example.com/return_to_path

This request looks correct as it uses https.

Authorization Request to Okta:

https://my-okta-domain.oktapreview.com/oauth2/v1/authorize?response_type=code&client_id=MY_CLIENT_ID&redirect_uri=http%3A%2F%2Fexample.com%2F_solara%2Fauth%2Fauthorize&scope=openid+profile+email&state=MY_STATE&nonce=MY_NONCE

https://my-okta-domain.oktapreview.com/oauth2/v1/authorize?response_type=code&client_id=MY_CLIENT_ID&redirect_uri=http%3A%2F%2Fexample.com%2F_solara%2Fauth%2Fauthorize&scope=openid+profile+email&state=MY_STATE&nonce=MY_NONCE

The issue here is that the

redirect_uri

redirect_uri

parameter is using

http

http

instead of

https

https

.

Is there a way to force a solara application to use

https

https

scheme/protocol for redirect URIs (for auth). I tried setting

SOLARA_SESSION_HTTPS_ONLY=True

SOLARA_SESSION_HTTPS_ONLY=True

and

SOLARA_BASE_URL=https://example.com/

SOLARA_BASE_URL=https://example.com/

but I still see

http

http

. Maybe I could mount my solara app to a Starlette app with an added

HTTPSRedirectMiddleware

HTTPSRedirectMiddleware

middleware?

Solara•2y ago•

36 replies

Cyrus

Force solara to use https in redirect uris

Using Chrome's Dev Tools, I observed the following network requests after clicking the login button in my application:

Initial Login Request:

https://example.com/_solara/auth/login?redirect_uri=https%3A//example.com/return_to_path

https://example.com/_solara/auth/login?redirect_uri=https%3A//example.com/return_to_path

This request looks correct as it uses https.

Authorization Request to Okta:

https://my-okta-domain.oktapreview.com/oauth2/v1/authorize?response_type=code&client_id=MY_CLIENT_ID&redirect_uri=http%3A%2F%2Fexample.com%2F_solara%2Fauth%2Fauthorize&scope=openid+profile+email&state=MY_STATE&nonce=MY_NONCE

https://my-okta-domain.oktapreview.com/oauth2/v1/authorize?response_type=code&client_id=MY_CLIENT_ID&redirect_uri=http%3A%2F%2Fexample.com%2F_solara%2Fauth%2Fauthorize&scope=openid+profile+email&state=MY_STATE&nonce=MY_NONCE

The issue here is that the

redirect_uri

redirect_uri

parameter is using

http

http

instead of

https

https

.

Is there a way to force a solara application to use

https

https

scheme/protocol for redirect URIs (for auth). I tried setting

SOLARA_SESSION_HTTPS_ONLY=True

SOLARA_SESSION_HTTPS_ONLY=True

and

SOLARA_BASE_URL=https://example.com/

SOLARA_BASE_URL=https://example.com/

but I still see

http

http

. Maybe I could mount my solara app to a Starlette app with an added

HTTPSRedirectMiddleware

HTTPSRedirectMiddleware

middleware?

Force solara to use https in redirect uris

Similar Threads

Force solara to use https in redirect uris

Similar Threads

Similar Threads

Similar Threads