Nginx django failed to redirect auth callback requests to secure https using django-auth-adfs


My Django admin on localhost is working with SSL and redirects the Azure auth callback to 'https': redirect_uri = 'https'://localhost:8000/fds/oauth2/callback

However, when I deploy the code in Cloud Foundry, the same URL isn't able to redirect to https and uses 'http' instead: redirect_uri = 'http'://xyz.com/fds/oauth2/callback

All my API calls work fine on the server; only the Django admin page isn't able to redirect to https requests. How do I force my application to redirect the oauth2 callback via 'https'?

Dependencies: Django 4.2, Python 3.9, django-auth-adfs==1.13.0

Here are my settings:

Django settings.py

SESSION_COOKIE_SECURE = True
CSRF_COOKIE_SECURE = True
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
CSRF_COOKIE_DOMAIN = SERVER_NAME

AUTH_ADFS = {
    'VERSION': 'v2.0',
    'AUDIENCE': AZURE_OAUTH2_CLIENT_ID,
    'CLIENT_ID': AZURE_OAUTH2_CLIENT_ID,
    'CLIENT_SECRET': AZURE_OAUTH2_CLIENT_SECRET,
    'CLAIM_MAPPING': {'first_name': 'given_name',
                      'last_name': 'family_name',
                      'email': 'preferred_username'},
    'GROUPS_CLAIM': 'roles',
    'MIRROR_GROUPS': True,
    'USERNAME_CLAIM': 'email',
    'TENANT_ID': AZURE_TENANT_ID,
    'RELYING_PARTY_ID': AZURE_OAUTH2_CLIENT_ID,
    'LOGIN_EXEMPT_URLS': [
        '^api'
    ]
}

NGINX settings:

    location /app/ {
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_redirect     off;

        if ($http_x_forwarded_proto != "https") {
            # $request_uri already starts with "/"
            return 301 https://$host$request_uri;
        }
        include proxy_params;
        proxy_send_timeout      120s;
        proxy_read_timeout      300s;
        send_timeout            120s;
        client_body_timeout     120s;
        proxy_headers_hash_max_size 1024;
        proxy_headers_hash_bucket_size 128;
        proxy_pass http://django;
    }

When I try the Django setting SECURE_SSL_REDIRECT = True, it gets stuck in a redirect loop and eventually fails. It's not recommended in the django-auth-adfs documentation.
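
The header chain in the question can be modelled in a few lines; this is an added example, not part of the original post and not Django, nginx or django-auth-adfs code. It assumes a router in front of nginx terminates TLS, forwards plain HTTP with `X-Forwarded-Proto: https`, and that the callback URL is derived from the request scheme; the function names and `FROM_ROUTER` are hypothetical.

```python
# Added model of the hop chain router -> nginx -> Django (not Django/nginx source).
SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")  # value from the post


def nginx_forward(received, listener_scheme, passthrough):
    """Headers nginx sends upstream.

    passthrough=False models `proxy_set_header X-Forwarded-Proto $scheme;`.
    passthrough=True models forwarding the value set by the hop in front,
    falling back to $scheme when that header is absent.
    """
    upstream = dict(received)
    seen = received.get("X-Forwarded-Proto")
    upstream["X-Forwarded-Proto"] = seen if passthrough and seen else listener_scheme
    return upstream


def django_scheme(headers, wire_scheme="http"):
    """Scheme Django reports once SECURE_PROXY_SSL_HEADER is applied."""
    name, secure_value = SECURE_PROXY_SSL_HEADER
    # WSGI exposes X-Forwarded-Proto as HTTP_X_FORWARDED_PROTO.
    meta = {"HTTP_" + k.upper().replace("-", "_"): v for k, v in headers.items()}
    value = meta.get(name)
    if value is None:
        return wire_scheme
    # Only the first entry of a comma-separated list is compared.
    return "https" if value.split(",", 1)[0].strip() == secure_value else "http"


def callback_uri(headers, path="/fds/oauth2/callback"):
    """Absolute callback URL derived from the request scheme and Host."""
    return f"{django_scheme(headers)}://{headers['Host']}{path}"


def ssl_redirect_loops(headers):
    """SECURE_SSL_REDIRECT answers every non-secure request with a redirect;
    if the retry arrives with the same headers, the redirect repeats."""
    return django_scheme(headers) != "https"


# Constructed request as it leaves a TLS-terminating router (assumption).
FROM_ROUTER = {"Host": "xyz.com", "X-Forwarded-Proto": "https"}

if __name__ == "__main__":
    for mode in (False, True):
        sent = nginx_forward(FROM_ROUTER, "http", passthrough=mode)
        print(mode, callback_uri(sent), "loop" if ssl_redirect_loops(sent) else "ok")
```

Forwarding the received `X-Forwarded-Proto` is only sound when nginx is reachable solely through the router that sets it, because otherwise any client can send the header and have Django treat a plain HTTP request as secure.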
