Auth0 Home Blog Docs

Context.request.query.redirect_url does not seem to be overridable in a Rule

login

#1

I have a system that supports OAuth providers (including Auth0) which I am moving to use Auth0. The system has an NGINX reverse-proxy in front of it which is redirecting all port 80 traffic to the system. The system is building its own redirect URL which includes a port 1234 which is not correctly being proxied by NGINX.

I would obviously love to fix this in the system or NGINX itself, but I don’t have access to either of those systems right now - getting Auth0 added to the login configuration was already a tall order.

I attempted to fix this issue by rewriting the redirect_uri in a rule, but it does not appear that Auth0 is reading this from the rewritten context.

Given the following rule:

function (user, context, callback) {

  console.log(context.request.query.redirect_uri);
  if (context.request.query.redirect_uri === 'http://MY-DOMAIN:1234/login/oauth')
  {
    context.request.query.redirect_uri = 'http://MY-DOMAIN/login/oauth';
    console.log('redirect uri has been adjusted');
  }
  console.log(context.request.query.redirect_uri);
  callback(null, user, context);
}

When a user logins, I get the following logs:

3:22:47 PM: new webtask request 12345.1234
3:22:47 PM: http://MY-DOMAIN:1234/login/oauth
redirect uri has been adjusted
http://MY-DOMAIN/login/oauth
3:22:47 PM: finished webtask request 12345.1234 with HTTP 200 in 136ms

The login attempt still redirects to http://MY-DOMAIN:1234/login/oauth after the rule executes

Is this field ignored for Rules execution? Or is there another field I should set instead?


#2

@cswendrowski it is intended by design that the redirect_uri remain untouched. It is validated at various points in the flow against a whitelist and we do not allow the rules to modify this.


#3

Thanks for the update - looks like I’ll have to get it fixed in the source systems instead