HAProxy community

Redirect HTTPS for OAuth

Hello,

I need help to solve my issue.

What I want to achieve is

http://abc.contoso.com -> https://abc.contoso.com
(Force redirection HTTP to HTTPS)

My problem is that the URI needed for Azure OAuth 2.0 authorization endpoint doesn’t match.

The accepted URI as destination when returning authentication responses (tokens) after successfully authenticating users must be: https://abc.contoso.com/signin-oidc

But HAProxy sends the HTTP form as below:

https://login.microsoftonline.com/bdeebc-dd/oauth2/authorize?client_id=fd&redirect_uri=http%3A%2F%2Fabc.contoso.com%2Fsignin-oidc&response_type=id_token&scope=openid profile&response_mode=form_post

What should I do to have the HTTPS form instead of HTTP for OAuth?

My config is

frontend public_front_end
   bind *:80
   mode http
   option forwardfor
   redirect scheme https code 301 if !{ ssl_fc }

frontend public_secured_front_end
   bind *:443 ssl crt /etc/haproxy/certs

use_backend abc-api if { hdr(host) -i abc.contoso.com }

backend abc-api
mode http
http-request add-header X-Forwarded-Proto https
server webserver01 192.168.0.1:4569 check
option forwardfor

Thanks

I would say this is the role of your application behind HAProxy to send this URL properly.