Skip to content

Incorrect Oauth2 redirect URL #2932

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
zaa4wz opened this issue Mar 6, 2025 · 1 comment
Closed

Incorrect Oauth2 redirect URL #2932

zaa4wz opened this issue Mar 6, 2025 · 1 comment
Labels
Not reproducible

Comments

@zaa4wz
Copy link

zaa4wz commented Mar 6, 2025

Describe the bug

After upgrading the library from version 2.7.0 to 2.8.5, the Oauth2 redirect URL is built incorrectly.

I have a Spring WebFlux project that is deployed to a server. To access the service, I am using a DNS and service name to reach it. Let's say the service URL is https://apigateway.apps.internal.cloud/apigateway. To access Swagger, I have to type https://apigateway.apps.internal.cloud/apigateway/openapiwebjars/swagger-ui/index.html. Accessing the swagger is working fine. To integrate Swagger with our security, I have added an Authorize button with the OAuthFlows security schema. When clicking on the Authorize button, providing necessary information and clicking on the second Authorize button, I am redirected to an authorization server to be authorized. One of the request parameters to the authorization server is redirect_uri. In springdoc-openapi-starter-webflux-ui version 2.7.0 the redirect_uri was https://apigateway.apps.internal.cloud/apigateway/openapiwebjars/swagger-ui/oauth2-redirect.html , but in version 2.8.5 the redirect_uri changed to https://apigateway/openapiwebjars/swagger-ui/oauth2-redirect.html

It looks like the host part of URI is missing.

To Reproduce
Steps to reproduce the behavior:

  1. Create a Spring WebFlux project with Spring Boot version 3.4.3 and webflux-ui version 2.8.5
    1.1. spring-boot-starter-parent 3.4.3
    1.2. spring-boot-starter-webflux
    1.3. springdoc-openapi-starter-webflux-ui 2.8.5

  2. Add OAuthFlows security schema to the Swagger

  3. Deploy the project on a server and set up DNS to access the service by name

  4. Authorize yourself with the help of Authorize button

  5. Verify the redirect_uri request parameter
    5.1. Expected value: https://apigateway.apps.internal.cloud/apigateway/openapiwebjars/swagger-ui/oauth2-redirect.html
    5.2. Actual value: https://apigateway/openapiwebjars/swagger-ui/oauth2-redirect.html

Expected behavior

The redirect_uri should contain the actual server URL

Screenshots
If applicable, add screenshots to help explain your problem.

Additional context
It could be related to:
@bnasslahsen
Copy link
Collaborator

@zaa4wz,

The issues you are describing are not related to springdoc-openapi code.
Feel free to provide a Minimal, Reproducible Example - with HelloController that reproduces the problem.

This ticket will be closed, but can be reopened if your provide the reproducible sample.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Not reproducible
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bnasslahsen @zaa4wz