Allow OAuth 2 to redirect to plain HTTP for localhost

author Tom Hughes <tom@compton.nu>

Tue, 20 Apr 2021 17:52:57 +0000 (18:52 +0100)

committer Tom Hughes <tom@compton.nu>

Tue, 18 May 2021 11:05:33 +0000 (12:05 +0100)
author Tom Hughes <tom@compton.nu>
Tue, 20 Apr 2021 17:52:57 +0000 (18:52 +0100)
committer Tom Hughes <tom@compton.nu>
Tue, 18 May 2021 11:05:33 +0000 (12:05 +0100)
diff --git a/config/initializers/doorkeeper.rb b/config/initializers/doorkeeper.rb

index bc70f02f03a35aca3d73305a249312dfa724a16d..532e972563e4c0a02833049d530db80ae3d8a9b6 100644 (file)
--- a/config/initializers/doorkeeper.rb
+++ b/config/initializers/doorkeeper.rb
@@ -241,7 +241,9 @@ Doorkeeper.configure do
    # #call can be used in order to allow conditional checks (to allow non-SSL
    # redirects to localhost for example).
  
-  force_ssl_in_redirect_uri !Rails.env.development?
+  force_ssl_in_redirect_uri do |uri|
+    !Rails.env.development? && uri.host != "127.0.0.1"
+  end
  
    # Specify what redirect URI's you want to block during Application creation.
    # Any redirect URI is whitelisted by default.
author	Tom Hughes <tom@compton.nu>
	Tue, 20 Apr 2021 17:52:57 +0000 (18:52 +0100)
committer	Tom Hughes <tom@compton.nu>
	Tue, 18 May 2021 11:05:33 +0000 (12:05 +0100)