Changing OIDC_AUTHENTICATION_CALLBACK_URL to https url

[joshnewlinatclearobject]

Hey,

Currently, the auth callback url that is being generated is routing to http://.... I would like to change this to https://... so we can run my application in an iframe on a secure site. I've attempted setting the OIDC_AUTHENTICATION_CALLBACK_URL to the same url it generates, with just https instead of http.

The problem is that I'm receiving a NoReverseMatch at /oidc/authenticate/ 'https' is not a registered namespace error. I've followed this ticket #193 for advice on this, and it says I have to define a url in urls.py. I don't think I can do this, however, because as I'm aware, the urls in urls.py are relative to the hostname, and shouldn't care about what comes before the first /. Any advice on this issue, or how I can get around it in any way?

I appreciate the time you took to read this, I'm sorry if this is the incorrect place to ask a question like this. Thanks.

[johngian]

Hey @joshnewlinatclearobject! Regarding securing your website with SSL, what's your current setup? I common way to setup HTTPS in Django is to do SSL termination with a load balancer in front of your website.

Can you provide some more context to see how I can help?

[joshnewlinatclearobject]

Hey, thanks for the reply. I've since fixed this issue with a simple nginx config, instead of using the OIDC_AUTHENTICATION_CALLBACK_URL variable. For any people potentially having this same issue in the future, all it took was this line in my nginx config:

proxy_redirect / https://$host/;

[johngian]

Cool, thanks for the feedback @joshnewlinatclearobject
Usually SSL related stuff are handled in a different level (reverse proxy, load balancer, ssl termination) same way you've figured this out.