From 29d91785fbe50628e76869d4fc85b078787679d2 Mon Sep 17 00:00:00 2001
From: Akira Yamazaki <chihsiao@outlook.com>
Date: Tue, 8 Oct 2024 11:23:31 +0800
Subject: [PATCH] fix: build oidc callback url in a more proper way (#28)

---
 app/utils/oidc.ts | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/app/utils/oidc.ts b/app/utils/oidc.ts
index 9b25f18..191ae4a 100644
--- a/app/utils/oidc.ts
+++ b/app/utils/oidc.ts
@@ -51,8 +51,8 @@ export async function startOidc(oidc: OidcConfig, req: Request) {
 	const challenge = await calculatePKCECodeChallenge(verifier)
 
 	const callback = new URL('/admin/oidc/callback', req.url)
-	callback.protocol = req.url.includes('localhost') ? 'http:' : 'https:'
-	callback.hostname = req.headers.get('Host') ?? ''
+	callback.protocol = req.headers.get('X-Forwarded-Proto') ?? 'http:'
+	callback.host = req.headers.get('Host') ?? ''
 	const authUrl = new URL(processed.authorization_endpoint)
 
 	authUrl.searchParams.set('client_id', oidcClient.client_id)
@@ -119,8 +119,8 @@ export async function finishOidc(oidc: OidcConfig, req: Request) {
 	}
 
 	const callback = new URL('/admin/oidc/callback', req.url)
-	callback.protocol = req.url.includes('localhost') ? 'http:' : 'https:'
-	callback.hostname = req.headers.get('Host') ?? ''
+	callback.protocol = req.headers.get('X-Forwarded-Proto') ?? 'http:'
+	callback.host = req.headers.get('Host') ?? ''
 
 	const tokenResponse = await authorizationCodeGrantRequest(
 		processed,