OmniAuth 在反向代理设置中使用错误的回调端口

发布于 2024-11-25 13:13:16 字数 1243 浏览 1 评论 0 原文

我有一个在端口 3101 上运行的 Rails 应用程序，我通过 Apache 反向代理设置将其提供给互联网（就像 Phusion 在这篇博文。

我正在使用 Devise + OmniAuth 来处理 Facebook 身份验证，

但是当我尝试通过 Facebook 进行身份验证时，我被重定向到网址：http://mydomain.com:3101/my_callback_path

我使用 < 启动 Rails 应用程序。 code>passenger start -a 127.0.0.1 -p 3101 -d 我的 Apache 设置是：

<VirtualHost *:80>
    ServerName mydomain.com

    PassengerEnabled off
    ProxyPass / http://127.0.0.1:3101/
    ProxyPassReverse / http://127.0.0.1:3101

    ProxyRequests Off
    ProxyPreserveHost On
    <Proxy *>
      Order deny,allow
      Allow from all
    </Proxy>
</VirtualHost>

我找到了一些答案，例如此和这个但它们都是为了Nginx 设置。

我尝试使用 OmniAuth.config.full_host = 'http://my domain.com' 的初始化程序，但我想知道我的配置中是否缺少配置apache 设置（如之前的答案）。

提前致谢。

原文

I have a Rails app running on port 3101 and I made it available to the internet through an Apache reverse-proxy setup (like the one suggested by Phusion on this blog post.

I'm using Devise + OmniAuth to handle the Facebook authentication.

But when I try to authenticate via Facebook, I'm redirected to the url: http://mydomain.com:3101/my_callback_path

I start the rails app with passenger start -a 127.0.0.1 -p 3101 -d and my Apache setup is:

<VirtualHost *:80>
    ServerName mydomain.com

    PassengerEnabled off
    ProxyPass / http://127.0.0.1:3101/
    ProxyPassReverse / http://127.0.0.1:3101

    ProxyRequests Off
    ProxyPreserveHost On
    <Proxy *>
      Order deny,allow
      Allow from all
    </Proxy>
</VirtualHost>

I've found some answers like this and this but they all are intended to Nginx setups.

I've tried to use an initializer with OmniAuth.config.full_host = 'http://my domain.com' but I'm wondering if there`s not a missing configuration in my apache setup (like the previous answers).

Thanks in advance.

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

笨笨の傻瓜 2024-12-02 13:13:16

我查看了 OmniAuth 源代码，发现回调机制内部使用名为 full_host 的方法，该方法查找配置变量，然后构建 URI 的第一部分 - 看看 oa-core-0.2.6/lib/omniauth/strategy.rb

配置变量可以是字符串（如您的情况）、Proc 或 nil（或其他任何值）。在后一种情况下，请求 URI 将被解析、截断并返回。

我认为我们不能通过在 Apache 中设置一个环境变量来解决我们的常见问题（这可能应该在 ruby 应用程序堆栈内的较低级别完成），但经过一些实验后，我发现这对于我：

OmniAuth.config.full_host = lambda do |env|
    scheme         = env['rack.url_scheme']
    local_host     = env['HTTP_HOST']
    forwarded_host = env['HTTP_X_FORWARDED_HOST']
    forwarded_host.blank? ? "#{scheme}://#{local_host}" : "#{scheme}://#{forwarded_host}"
end

I had a look into the OmniAuth source and found out that the callback mechanism internally uses a method named full_host that looks up the configuration variable and then builds the first part of the URI - have a look at oa-core-0.2.6/lib/omniauth/strategy.rb

The configuration variable can be a String (as in your case), or a Proc, or nil (or anything else). In the latter case, the request URI is parsed, chopped, and returned.

I think that we can't solve our common problem by just setting an environment variable in Apache (this probably should be done at a lower level, inside the ruby application stack), but after some experimentation I've found this works well enough for me:

OmniAuth.config.full_host = lambda do |env|
    scheme         = env['rack.url_scheme']
    local_host     = env['HTTP_HOST']
    forwarded_host = env['HTTP_X_FORWARDED_HOST']
    forwarded_host.blank? ? "#{scheme}://#{local_host}" : "#{scheme}://#{forwarded_host}"
end

回复收藏 0 原文

尾戒 2024-12-02 13:13:16

我有同样的问题。通过设置关于 facebook 重定向问题解决了这个

**proxy_set_header        Host            <proxy-domain-name>;**



  location / {
  proxy_pass  http://127.0.0.1:3000;
        proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
        proxy_redirect off;
        proxy_buffering off;
        proxy_set_header        Host            <domain name>;
        proxy_set_header        X-Real-IP       $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
 }

问题，我花了一些时间研究它将回调重定向到的实际 url 的值，所以我必须在 nginx conf 中修复它。要找出这一点，请查看链接中的 url 并查看“redirect_uri”GET 变量值的值，而不是关注它在主页上发送的错误。

I had the same issue. It was solved by setting

**proxy_set_header        Host            <proxy-domain-name>;**



  location / {
  proxy_pass  http://127.0.0.1:3000;
        proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
        proxy_redirect off;
        proxy_buffering off;
        proxy_set_header        Host            <domain name>;
        proxy_set_header        X-Real-IP       $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
 }

Regarding facebook redirect issue, I spent some time investigating the value of the actual url it was redirecting the callback to, so I had to fix that in nginx conf. For finding that out, look at the url in the link and see the value of "redirect_uri" GET variable value instead of focusing on the error it sent on the main page.

回复收藏 0 原文

~没有更多了~