lionsdev/unionflow-client-quarkus-primefaces-freya
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix: Add explicit OIDC redirect URI for Keycloak auth

Browse Source 
Added force-redirect-https-scheme and explicit redirect-uri to fix
'Paramètre invalide : redirect_uri' error in Keycloak authentication.

Changes:
- quarkus.oidc.authentication.force-redirect-https-scheme=true
- quarkus.oidc.authentication.redirect-uri=https://unionflow.lions.dev/auth/callback

This ensures Quarkus OIDC uses the correct absolute URL for redirect
instead of constructing it from request headers (which may be incorrect
behind nginx ingress).
This commit is contained in:
dahoud
2025-12-13 11:11:10 +00:00
parent d7fe9e4203
commit eeb0c31149
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/main/resources/application-prod.properties
View File

@@ -69,6 +69,8 @@ quarkus.oidc.client-id=unionflow-client
quarkus.oidc.credentials.secret=${KEYCLOAK_CLIENT_SECRET} quarkus.oidc.credentials.secret=${KEYCLOAK_CLIENT_SECRET}
quarkus.oidc.application-type=web-app quarkus.oidc.application-type=web-app
quarkus.oidc.authentication.redirect-path=/auth/callback quarkus.oidc.authentication.redirect-path=/auth/callback
quarkus.oidc.authentication.force-redirect-https-scheme=true
quarkus.oidc.authentication.redirect-uri=https://unionflow.lions.dev/auth/callback
quarkus.oidc.authentication.restore-path-after-redirect=true quarkus.oidc.authentication.restore-path-after-redirect=true
quarkus.oidc.authentication.scopes=openid,profile,email,roles quarkus.oidc.authentication.scopes=openid,profile,email,roles
quarkus.oidc.token.issuer=https://security.lions.dev/realms/unionflow quarkus.oidc.token.issuer=https://security.lions.dev/realms/unionflow