Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.

Oauth with nginx reverse proxy

Heyo! I will admit, I don't know a lot about oauth, so I apologize if I am just missing something.

I am running portainer on a server. I currently have my portainer instance running on domain.com:9443. I use nginx reverse proxy to redirect portainer.domain.com to domain.com:9443 (with an A record too) using this config:

 

upstream portainer {
    server ip:9443;
}


server {
        listen 80;
        server_name portainer.domain.com;
        return 301 https://portainer.domain.com$request_uri;
}

server {
        listen 443 http2 ssl;
        server_name portainer.domain.com;

        ssl_certificate /path/to/cert;
        ssl_certificate_key /path/to/key;

        location / {
                proxy_pass https://portainer/;
                proxy_http_version 1.1;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection "Upgrade";
                proxy_set_header Host $host;
	        }
	}

 

 In google cloud console, I have to following for oath:
JS origins: https://portainer.domain.com

Redirect URI: https://portainer.domain.com/ 

The problem is, when I try to sign in with google in portainer, I get "Error 400: redirect_uri_mismatch"

The error details say the redirect URI is https://domain.com:9443/, not https://portainer.domain.com. If I add https://domain.com:9443/ to my redirect URIs, it works, but it redirects me to domain.com:9443 after oath instead of portainer.domain.com (therefore leading to the site being insecure, as the cert is for portainer.domain.com.) 

What am I missing? Have I configured nginx wrong?
Thank you!

0 1 793
1 REPLY 1

Hi @pupik12,

Welcome to Google Cloud Community!

Regarding your URI, please try excluding trailing slash (/) in redirect URI. However, if your NGINX configuration location block uses a trailing slash, then your URI must have it. 

Here are documentations related to OAuth2 in Google that can help you:

I hope the above information is helpful.

Top Labels in this Space
Top Solution Authors