CRA + proxy + HTTPS=true issues with OAuth flow
See original GitHub issueIs this a bug report?
yes
Environment
-
node -v
: 8.3.0 -
npm -v
: 5.4.2 -
yarn --version
(if you use Yarn): 1.1.0 -
npm ls react-scripts
(if you haven’t ejected): -
Operating system: OSX
Steps to Reproduce
- I have express.js app running on http://localhost:5000
- I have Oauth google setted up.
- I have CRA app installed.
- I have added target proxy setted in CRA’s package:
"proxy": {
"/auth/google": {
"target": "https://localhost:5000"
}
},
- I have
npm start
script modified to enable self signed SSL certificate in CRA’s package.json as it recommended by README:
"scripts": {
"start": "HTTPS=true react-scripts start"
}
- I have link with relative path, embedded to React app, which should proxy to
https://localhost:5000/auth/google
:
<a href='/auth/google'>Sign In with Google</a>
Expected Behavior
Redirect tohttps://accounts.google.com/signin/oauth/......
to confirm signup:
Actual Behavior
Receiving error in browser:
Proxy error: Could not proxy request /auth/google from localhost:3000 to https://localhost:5000 (ECONNRESET).
PS: If I set proxy in package.json to HTTP instead of HTTPS:
"proxy": {
"/auth/google": {
"target": "http://localhost:5000"
}
},
and remove HTTPS=true from npm start script, everything works, but my paranoia tells me that in dev mode it is better to be protected, cos some malicious browser extensions could mess with the code. Sorry, I do not have demo.
Issue Analytics
- State:
- Created 6 years ago
- Comments:8 (4 by maintainers)
Top Results From Across the Web
Proxying API Requests in Development - Create React App
The development server will only attempt to send requests without text/html in its Accept header to the proxy. Conveniently, this avoids CORS ...
Read more >OAuth Provider Configuration | OAuth2 Proxy - GitHub Pages
You will need to register an OAuth application with a Provider (Google, GitHub or another provider), and configure it with Redirect URI(s) for...
Read more >Why you should use a proxy server with Create React App
CRA supports proxying to mitigate or entirely eliminate these issues. In this article, we will discuss what a proxy server is, why you...
Read more >Authentication with Passport + Facebook + Express + create ...
The specific problem I'm having is getting React to successfully initiate and complete the api call that triggers auth. I have tried two ......
Read more >Add Auth to Any App with OAuth2 Proxy - Okta Developer
if the react app does not send the SESSION cookie, the oauth2-proxy enters the login flow and comes back with access token and...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
Do you have a proposed fix we could apply on our side?
I see. I’m going to close this as there’s not enough detail for us to dig into this. But if somebody else encounters this, or you see it again, please file a new issue with a reproducing example. Thanks!