what is the correct way to use oauth2 with forwarded domains
We're using a domain-forwarded setup in which the code itself runs on project-plus-random-prefix.ourstagingserver.org but this code is accessed through project-staging.ourserver.org (which acts as router for a number of different requests, one set of those being Django routes, others being completely different things). When using Google Auth (oauth2) we can't seem to point the Google callback to project-staging.ourserver.org/soc/complete/google-oauth2 because the redirect_url that the social auth library adds into the login is for project-plus-random-prefix.ourstagingserver.org, and I cannot seem to find anything in the docs that explains how to tell social auth what the actual redirect URI should be.

I did find SOCIAL_AUTH_LOGIN_REDIRECT_URL in http://python-social-auth-docs.readthedocs.io/en/latest/configuration/settings.html#urls-options but this documentation seems to suggest this is a path rather than a full URL, so if this value can be used for a fully qualified URL, can the docs be updated to explicitly mention that? And if not, what is the correct way to make sure social-auth uses the domain that it needs to be using for auth to succeed?
@Pomax, @cadecairos, python-social-auth uses the Django build_absolute_uri helper that's in the HTTP Request class. Looking at the code, you can see that it uses the get_host() method defined a few lines above; this one uses _get_raw_host(), which will attempt to determine the host based on settings and/or request headers.

The common use case is to make the front server, load-balancer, proxy, etc., set the X-Forwarded-Host header with the domain, but to make it work with Django, ensure that the setting USE_X_FORWARDED_HOST is set to True.

More details on this can be found in Django docs.
I’ll echo that: thanks!
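The host selection described in the maintainer's answer, as an added example (a simplified stdlib-only model, not Django's or python-social-auth's own code). It shows why the callback URL carries the internal hostname until X-Forwarded-Host is trusted, and why the resolved host is still checked against an allow-list in the style of Django's ALLOWED_HOSTS. The function names and the request metadata are constructed for illustration; the hostnames and path are the ones from the question.

```python
# Added example: a simplified stdlib-only model of the host selection the
# answer describes. It is not Django's or python-social-auth's own code.

class DisallowedHost(Exception):
    """Raised when the resolved host is not in the allow-list."""

def host_allowed(domain, allowed_hosts):
    # ALLOWED_HOSTS-style matching: exact name, "*" wildcard, or a leading
    # dot that matches the domain itself and any subdomain.
    domain = domain.lower()
    for pattern in (p.lower() for p in allowed_hosts):
        if pattern in ("*", domain):
            return True
        if pattern.startswith(".") and (domain.endswith(pattern) or domain == pattern[1:]):
            return True
    return False

def resolve_host(meta, use_x_forwarded_host, allowed_hosts):
    # Prefer X-Forwarded-Host only when the setting opts in; otherwise use Host.
    if use_x_forwarded_host and "HTTP_X_FORWARDED_HOST" in meta:
        host = meta["HTTP_X_FORWARDED_HOST"]
    else:
        host = meta["HTTP_HOST"]
    domain = host.rsplit(":", 1)[0]  # drop an optional port (IPv6 literals not handled)
    if not host_allowed(domain, allowed_hosts):
        raise DisallowedHost(host)
    return host

def callback_uri(meta, path, use_x_forwarded_host, allowed_hosts, scheme="https"):
    # The absolute URL that would be sent to the provider as the redirect URI.
    host = resolve_host(meta, use_x_forwarded_host, allowed_hosts)
    return f"{scheme}://{host}{path}"

# Constructed request metadata using the hostnames from the question.
INTERNAL = "project-plus-random-prefix.ourstagingserver.org"
PUBLIC = "project-staging.ourserver.org"
PATH = "/soc/complete/google-oauth2"
META = {"HTTP_HOST": INTERNAL, "HTTP_X_FORWARDED_HOST": PUBLIC}

if __name__ == "__main__":
    print(callback_uri(META, PATH, False, [INTERNAL, PUBLIC]))  # internal host
    print(callback_uri(META, PATH, True, [PUBLIC]))             # public host
```

Once the forwarded header is trusted, the callback URL is only as reliable as that header, so the front proxy should overwrite any X-Forwarded-Host value sent by the client and the allow-list should name only the hosts the application is meant to serve.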