Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

OmniAuth using wrong callback port in a reverse proxy setup

I have a Rails app running on port 3101 and I made it available to the internet through an Apache reverse-proxy setup (like the one suggested by Phusion on this blog post.

I'm using Devise + OmniAuth to handle the Facebook authentication.

But when I try to authenticate via Facebook, I'm redirected to the url: http://mydomain.com:3101/my_callback_path

I start the rails app with passenger start -a 127.0.0.1 -p 3101 -d and my Apache setup is:

<VirtualHost *:80>
    ServerName mydomain.com

    PassengerEnabled off
    ProxyPass / http://127.0.0.1:3101/
    ProxyPassReverse / http://127.0.0.1:3101

    ProxyRequests Off
    ProxyPreserveHost On
    <Proxy *>
      Order deny,allow
      Allow from all
    </Proxy>
</VirtualHost>

I've found some answers like this and this but they all are intended to Nginx setups.

I've tried to use an initializer with OmniAuth.config.full_host = 'http://my domain.com' but I'm wondering if there`s not a missing configuration in my apache setup (like the previous answers).

Thanks in advance.

like image 267
Reinaldo Junior Avatar asked Jul 23 '11 21:07

Reinaldo Junior


2 Answers

I had a look into the OmniAuth source and found out that the callback mechanism internally uses a method named full_host that looks up the configuration variable and then builds the first part of the URI - have a look at oa-core-0.2.6/lib/omniauth/strategy.rb

The configuration variable can be a String (as in your case), or a Proc, or nil (or anything else). In the latter case, the request URI is parsed, chopped, and returned.

I think that we can't solve our common problem by just setting an environment variable in Apache (this probably should be done at a lower level, inside the ruby application stack), but after some experimentation I've found this works well enough for me:

OmniAuth.config.full_host = lambda do |env|
    scheme         = env['rack.url_scheme']
    local_host     = env['HTTP_HOST']
    forwarded_host = env['HTTP_X_FORWARDED_HOST']
    forwarded_host.blank? ? "#{scheme}://#{local_host}" : "#{scheme}://#{forwarded_host}"
end
like image 100
wiz Avatar answered Oct 20 '22 08:10

wiz


I had the same issue. It was solved by setting

**proxy_set_header        Host            <proxy-domain-name>;**



  location / {
  proxy_pass  http://127.0.0.1:3000;
        proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
        proxy_redirect off;
        proxy_buffering off;
        proxy_set_header        Host            <domain name>;
        proxy_set_header        X-Real-IP       $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
 }

Regarding facebook redirect issue, I spent some time investigating the value of the actual url it was redirecting the callback to, so I had to fix that in nginx conf. For finding that out, look at the url in the link and see the value of "redirect_uri" GET variable value instead of focusing on the error it sent on the main page.

like image 43
Lavixu Avatar answered Oct 20 '22 09:10

Lavixu