Incorrect OAuth2.0 Redirects

If you’ve set up OAuth2.0 authentication for your Spinnaker cluster and are seeing redirects to the wrong page (for example, to http instead of https), try the following:

hal config security authn oauth2 edit --pre-established-redirect-uri https://my-real-gate-address.com:8084/login

This will modify your .hal/config with this field:

  security:
    authn:
      oauth2:
        client:
          preEstablishedRedirectUri: https://my-real-gate-address.com:8084/login

and add/create .hal/<deployment-name>/profiles/gate-local.yml:

server:
  tomcat:
    protocolHeader: X-Forwarded-Proto
    remoteIpHeader: X-Forwarded-For
    internalProxies: .*

This is also documented here: https://www.spinnaker.io/setup/security/authentication/oauth/#network-architecture-and-ssl-termination

×

Subscribe

The latest tutorials sent straight to your inbox.