-
Notifications
You must be signed in to change notification settings - Fork 237
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Problems with Microsoft Auth #199
Comments
I understand what you mean but if the public frontend uses a self-signed certificate wouldn't the users see a broken HTTPS icon in their browsers as well? The only place where After you do that, hit "Enter" and click the "Continue with Microsoft" button and see what happens. |
Even if we leave the certificate part, and define
This defeats the purpose of me having the scoold and para in the same vnet that is not make the site faster. The solution you have provided works, can we have that as parameter in scoold-application.conf as it would be useful, if possible. I have encountered this problem many times on my local deployment as well, and a para.redirect_uri will solve it. This is all caused by microsoft not allowing people to whitelist http ip's or dns. Thank you for the help. |
I added the option |
Thank you for this. Very Helpful. |
This is a very specific bug but may solve some people's problems.
There are multiple possibilities to see through this problem related to redirect_uri.
Running para and scoold as two azure container instances in same virtual network while using application gateway to route through them.
The scoold-application.conf file will contain this config.
We can only whitelist http://localhost:8080 or https:// in microsoft redirect_uri, Link to docs. So we cannot whitelist http://11.0.2.4:8080.
Now we are left with another option that we change para.endpoint to the application gateway front facing dns, which defeats the purpose of virtual network but let's try.
para.endpoint = "https://frontenddns:443"
So, Scoold will now try to connect with para over the internet and make the whole setup slow and this will not work with self signed certificates.
The solution may be is to give options both for para.endpoint and para.redirect_uri so that para.endpoint can be saved as 11.0.2.4 and scoold will be able to connect with it, while the redirect_uri be set to the frontend https dns.
I have encountered multiple scenarios where this would be helpful if you need more details, I could write those scenarios as well, I have deployed para+scoold on nginx, nginx + ssl, azure container instances + nginx, azure container instance + application gateway.
The text was updated successfully, but these errors were encountered: