Data Importer uses wrong Protocol

[lorenzschmid]

Support guidelines

• I've read the support guidelines

I've found a bug and checked that ...

• ... the documentation does not mention anything about my problem
• ... there are no open or closed issues that are related to my problem

Description

Following my setup:

• firefly Docker container:
  • Docker Internal DNS: http://firefly:8080
  • External DNS (behind reverse proxy): https://firefly.domain.com:443
• Firefly's data-importer Docker container:
  • Docker Internal DNS: http://firefly_import:8080
  • External DNS (behind reverse proxy): https://import.firefly.domain.com:443
  • ENV Variables:
    • FIREFLY_III_URL=http://firefly:8080
    • VANITY_URL=https://firefly.domain.com
    • FIREFLY_III_CLIENT_ID=123
• The corresponding client in Firefly is setup like the following:
  • Client ID: 123
  • Secret: none
  • Callback: https://import.firefly.domain.com/callback

Expected behaviour

I open https://import.firefly.domain.com:443 and would expect to see some webpage. Instead I am redirected to https://firefly.domain.com/oauth/authorize?client_id=123&redirect_uri=http%3A%2F%2Fimport.firefly.domain.com%2Fcallback&response_type=code&scope=&state=...&code_challenge=...&code_challenge_method=S256 which returns the following JSON data:

{"error":"invalid_client","error_description":"Client authentication failed","message":"Client authentication failed"}

Debug information

Looking closer at the URL to which I was redirected, one can see that redirect_uri is set correctly but for the wrong protocol (http instead of https). Although not a PHP expert I assume that this comes from the fact that the Route::get('/callback', ... in data-importer/routes/web.php is not aware of my setup (with a reverse proxy and SSL).

If I manually change the value of the redirect_uri parameter I am forwarded to the "Authorization Request" form/web page where I can confirm the access of the data importer to my Firefly instance. Once I click confirmed I am forwarded to https://import.firefly.domain.com/callback?code=... which shows me an error page:

Error :(

The server you tried to connect to responsed with an error.

Client error: `POST http://firefly:8080/oauth/token` resulted in a `400 Bad Request` response: 
"{"error":"invalid_request","error_description":"The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed.","hint":"Invalid redirect URI","message":"The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed."}"  

Which hints again at some issue with the redirection URI.

Steps to reproduce

1. Setup Firefly and Firefly's Data Importer as Docker containers as described above
2. Open the URL pointing to the Data Importer

Additional info

No response

[JC5]

Plenty of info how to solve this in the search.

[lorenzschmid]

I solved the issue in the end: My docker definition of the data-importer container was missing an additional ENV-variable definition as described here:

• TRUSTED_PROXIES=**