Http instead Https (AADSTS50011) #243

zfmbek3 · 2022-06-30T08:49:56Z

Hi
I use django_auth_adfs Azure AD for Django authentication.

On my local server authentication works fine.

But when I deploy my app to Azure App service I can not login successfully.

AADSTS50011: The redirect URI 'http://myapp.azurewebsites.net/oauth2/callback' specified in the request does not match the redirect URIs configured for the application ....

But my Redirect url https://myapp.azurewebsites.net/oauth2/callback
HTTPS not HTTP

I looked into the code of the django_auth_adfs and found that the code responsible for redirect_uri parameter is:

django_auth_adfs/config.py
309 def redirect_uri(self, request):
310 self.load_config()
311 return request.build_absolute_uri(reverse("django_auth_adfs:callback"))

Hence request.build_absolute_uri(reverse("django_auth_adfs:callback")) return http://myapp.azurewebsites.net/oauth2/callback

Why HTTP not HTTPS
I do not understand.

What can i do?
Is there any workaround for get correct absolute_uri with HTTPS

The text was updated successfully, but these errors were encountered:

zfmbek3 · 2022-06-30T09:50:54Z

I solved the problem.
On Azure, your application is running behind a proxy
If I understood correctly

I added
USE_X_FORWARDED_HOST = True
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
to settings.py

Now it work correctly

zfmbek3 closed this as not planned Won't fix, can't repro, duplicate, stale Jun 30, 2022

JonasKs mentioned this issue Jan 29, 2024

AADSTS50011 HTTP and HTTPS #327

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Http instead Https (AADSTS50011) #243

Http instead Https (AADSTS50011) #243

zfmbek3 commented Jun 30, 2022 •

edited

Loading

zfmbek3 commented Jun 30, 2022

Http instead Https (AADSTS50011) #243

Http instead Https (AADSTS50011) #243

Comments

zfmbek3 commented Jun 30, 2022 • edited Loading

zfmbek3 commented Jun 30, 2022

zfmbek3 commented Jun 30, 2022 •

edited

Loading