Update auth.lua to dynamically set redirect_uri and disable SSL verification.

2025-06-10 21:46:22 +02:00
parent 0f5925970f
commit d220cb28f9
1 changed files with 9 additions and 3 deletions
--- a/auth.lua
+++ b/auth.lua
@@ -1,12 +1,18 @@
 local openidc = require("resty.openidc")

+-- Determine the correct redirect URI
+local scheme = ngx.var.scheme
+local host = ngx.var.http_host
+local request_uri = ngx.var.request_uri
+local redirect_uri = scheme .. "://" .. host .. request_uri
+
 local opts = {
-  redirect_uri_path = "/redirect_uri",
+  redirect_uri = redirect_uri,  -- ✅ use full URI dynamically
  discovery = "https://kc.boomlab.party/realms/rhein-sw/.well-known/openid-configuration",
  client_id = "demo-sso",
  client_secret = os.getenv("KEYCLOAK_CLIENT_SECRET"),
-  redirect_uri_scheme = "http",
-  scope = "openid email profile"
+  scope = "openid email profile",
+  ssl_verify = "no"
 }

 local res, err = openidc.authenticate(opts)