Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Enable BaseURL to support subdomains as well as main domain

See original GitHub issue

Describe the problem you’d like to have solved

My base url is portal.mywebapp.com, but I’d like to also be able to use the alias of portal.eu.mywebapp.com . Using portal.eu.mywebapp.com redirects back to portal.mywebapp.com

I have a traditional webapp (eg. portal.mywebapp.com) We are using express-openid-connect For debugging purposes, we have urls to hit different clusters directly (e.g portal.eu.mywebapp.com, portal.us.mywebapp.com) When I try to use those, express-openid-connect causes a reauth, then callback, then a redirect to the baseURL of portal.mywebapp.com I would like the ability to stay on the new subdomain.

Describe the ideal solution

  1. Allow express-open-id-connect to identify subdomains, and returnTo them
  2. Allow us to update the baseDomain for a user based on the request url

Alternatives and current work-arounds

Im not sure of any workarounds.

Additional information, if any

Issue Analytics

  • State:closed
  • Created a year ago
  • Reactions:2
  • Comments:5 (2 by maintainers)

github_iconTop GitHub Comments

1reaction
adamjmcgrathcommented, May 16, 2022

Hi @asyrialaK - thanks for raising this

You can specify the returnTo in the login method (see https://auth0.github.io/express-openid-connect/interfaces/loginoptions.html#returnto)

So you can set it to to something per user based on the request url by doing the following:

app.get('/login', (req, res) => {
  const returnTo = ... something per user base on req ...
  res.oidc.login({ returnTo })
});

You’ll also need to set the Cookie Domain to the naked domain (mywebapp.com), so the session cookie established in your redirect uri (portal.mywebapp.com) can be picked up by the url your user is returned to (portal.eu.mywebapp.com)

0reactions
asyrialaKcommented, Jun 2, 2022

Ahh…nevermind. it’s set through session domain

auth({
    session: ({
      domain: 'here'
    }),
Read more comments on GitHub >

github_iconTop Results From Across the Web

How can I configure multi-site base URLs where the ...
It'd be nice if I could set the baseURLs to http://abc.$DOMAIN and http://xyz.$DOMAIN and then set the env var DOMAIN on the server...
Read more >
Setting up custom domain names for REST APIs
For example, a more user-friendly API base URL can become: ... An API's custom domain name can be the name of a subdomain...
Read more >
regex - Get domain name (not subdomain) in php
First we grab everything between the scheme ( http:// , etc), by using parse_url 's capabilities to... well.... parse URL's. :) Then we...
Read more >
Make it possible to use service desk in combination with ...
I thought this feature request was about using subdomain/domain as service desk portal and not ugly https://jira.company.com/path/to/servicedesk/portal ...
Read more >
Advanced base URL, CSRF & session cookie settings
Subdomains can set HTTP Cookies for parent domains, meaning a HTTP Cookie specifying domain=my-domain.com will be allowed to set even if the URL ......
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Unexpected JWT alg received, expected HS256, got: RS256

Next page

SameSite cookie config not respected by skipSilentLogin cookie