diff --git a/apps/authentication/backends/oauth2/views.py b/apps/authentication/backends/oauth2/views.py
index cac8b2eb8..dd295fe86 100644
--- a/apps/authentication/backends/oauth2/views.py
+++ b/apps/authentication/backends/oauth2/views.py
@@ -18,7 +18,6 @@ class OAuth2AuthRequestView(View):
 log_prompt = "Process OAuth2 GET requests: {}"
 logger.debug(log_prompt.format('Start'))
- base_url = settings.AUTH_OAUTH2_PROVIDER_AUTHORIZATION_ENDPOINT
 query_dict = {
 'client_id': settings.AUTH_OAUTH2_CLIENT_ID, 'response_type': 'code',
 'scope': settings.AUTH_OAUTH2_SCOPE,
@@ -27,7 +26,10 @@ class OAuth2AuthRequestView(View):
 )
 }
- redirect_url = '{url}?{query}'.format(url=base_url, query=urlencode(query_dict))
+ redirect_url = '{url}?{query}'.format(
+ url=settings.AUTH_OAUTH2_PROVIDER_AUTHORIZATION_ENDPOINT,
+ query=urlencode(query_dict)
+ )
 logger.debug(log_prompt.format('Redirect login url'))
 return HttpResponseRedirect(redirect_url)
diff --git a/apps/authentication/utils.py b/apps/authentication/utils.py
index 0c9c56102..836cb55bf 100644
--- a/apps/authentication/utils.py
+++ b/apps/authentication/utils.py
@@ -48,5 +48,5 @@ def build_absolute_uri_for_oidc(request, path=None):
 # OIDC 专用配置项
 redirect_uri = urljoin(settings.BASE_SITE_URL, path)
 else:
- redirect_uri = build_absolute_uri(request, path)
+ redirect_uri = request.build_absolute_uri(path)
 return redirect_uri
diff --git a/apps/jumpserver/settings/base.py b/apps/jumpserver/settings/base.py
index 8acfd4057..547aa9c1b 100644
--- a/apps/jumpserver/settings/base.py
+++ b/apps/jumpserver/settings/base.py
@@ -43,6 +43,9 @@ DEBUG_DEV = CONFIG.DEBUG_DEV
 # Absolute url for some case, for example email link
 SITE_URL = CONFIG.SITE_URL
+# https://docs.djangoproject.com/en/4.1/ref/settings/
+SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
+
 # LOG LEVEL
 LOG_LEVEL = CONFIG.LOG_LEVEL
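Review bot: In apps/authentication/backends/oauth2/views.py, the authorization URL assembled in the second hunk comes from a query_dict that, as far as the two hunks show (client_id, response_type, scope, plus two lines that fall between the hunks), carries no `state` value. RFC 6749 section 10.12 expects the client to send an unguessable `state` bound to the user's session and to compare it in the callback, so that a callback the user did not initiate cannot complete a login. I would generate one per request, e.g. `state = secrets.token_urlsafe(32)`, keep it in the session, add `'state': state,` to query_dict, and reject a callback whose value differs. The body of get() starts above the first hunk and the callback view is not part of this diff, so confirm it is not already handled there.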
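Review bot: In apps/authentication/utils.py, the else branch of build_absolute_uri_for_oidc now takes scheme and host straight from the request through `request.build_absolute_uri(path)`, so the redirect_uri depends on the Host header and, with the SECURE_PROXY_SSL_HEADER setting added in this same commit, on X-Forwarded-Proto. That is sound only when ALLOWED_HOSTS is restrictive and the fronting proxy controls both headers, which deserves a comment on that line such as `# host/scheme come from the request; prefer the BASE_SITE_URL branch when the proxy chain is not fully trusted`. With the default `path=None`, Django returns the absolute URI of the current request, which may differ from what the replaced helper did; that helper's behaviour is not visible here. The function starts above the hunk, so the condition that selects the BASE_SITE_URL branch is not shown.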
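Review bot: In apps/jumpserver/settings/base.py, SECURE_PROXY_SSL_HEADER is now set for every deployment, which makes Django treat any request carrying `X-Forwarded-Proto: https` as secure. Django's documentation warns that this is safe only when a proxy in front of the application strips or overwrites that header on all incoming requests; where the application is reachable directly, or the proxy passes the header through, the client decides what is_secure(), the CSRF referer check and generated absolute URLs see. I would make the setting opt-in from deployment configuration (a placeholder such as `CONFIG.<TRUST_PROXY_FLAG>`; no such option is visible in this diff) and replace the generic settings link with a comment stating the requirement, e.g. `# Requires the fronting proxy to always set or strip X-Forwarded-Proto`.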