redirect_uri is http instead of https

Hi, in the process of using oauth I get “http” instead of “https” for parameter redirect_uri. This is written in python - flask. Is there a setting where I can change how http redirect works?

Hmm. It would depend how that redirect was being done. If your code/library lets you provide an absolute URL to redirect to, you may be able to simply provide one with https at the start.

If not, you could tell Fly to force_https in your fly.toml? See:

Or if you have some other kind of proxy in front, like you are using Cloudflare, that will likely also have a http->https redirect of its own.

2 Likes

hmm I have
[[services.ports]]
force_https = true
handlers = [“http”]
port = 80

[[services.ports]]
handlers = [“tls”, “http”]
port = 443

When I add force_https to the bottom ports I get an error because TLS. When I remove TLS I get another error. The library I’m using doesn’t have an option to force a redirect url. I’ve ran same build on Heroku with no issues but am trying to swap over.

If you’re getting TLS errors for a custom hostname, you can add a certificate with fly certs create example.com. We’ll generate a certificate if DNS is configured.

Are you trying to just force everything to SSL, or redirect from within your app? If you just want to require ssl, fly certs create ... will get you going.

1 Like

Not using custom hostname atm, first time doing this so a bit hard to explain. I’m using flask oauth for user logins. Whenever I click login the url I’m given is

(https://id.twitch.tv/oauth2/authorize?response_type=code&client_id=5v8...f4u&redirect_uri=http://preferrednames.fly.dev/login/authorized)

at the end redirect_uri should be https not http. That is my current issue.

Ah. Total guess but if you are not providing that URL on the end, it must be figuring it out itself and that would suggest it thinks the incoming connection is http. And so uses http. That would be because (I assume) Fly’s tls handler terminates the tls using its proxy and then forwards an unencrypted connection on to your app. Flask is unaware of this. So … you’d need to tell the oauth code (or Flask) to use https. Check out:

https://flask-dance.readthedocs.io/en/v0.9.0/proxies.html

1 Like

Yup! That was it, had trouble saying that. I did try another proxyfix earlier that didn’t work. Thank you Grey & Kurt

1 Like