🐛 Bug Report: Clients that uses well known openid-configuration will allways redirected to http://localhost:1411 #191

New Issue

Closed

opened 2025-10-07 23:57:04 +03:00 by OVERLORD · 4 comments

OVERLORD commented 2025-10-07 23:57:04 +03:00

Owner

Copy Link

Originally created by @P1tt187 on GitHub.

Reproduction steps

I configured gitea to use Pocket-id.
it uses https://pocket-id.home.lan/.well-known/openid-configuration
My Pocketid instance runs behind traefik.

 labels:
      - "traefik.enable=true"
      - "traefik.http.routers.pocket-id.entrypoints=websecure"
      - "traefik.http.routers.pocket-id.rule=Host(`pocket-id.home.lan`)"
      - "traefik.http.routers.pocket-id.tls=true"      
      - "traefik.http.services.pocket-id.loadbalancer.server.port=1411"  

Click on Sign in using PocketID

Expected behavior

i would expect that gitea will redirect to the url which was specified in APP_URL

Actual Behavior

The browser will be redirected to http://localhost:1411

Version and Environment

v1.1.0
APP_URL=https://pocket-id.home.lan

Log Output

No response

Originally created by @P1tt187 on GitHub. ### Reproduction steps I configured gitea to use Pocket-id. it uses https://pocket-id.home.lan/.well-known/openid-configuration My Pocketid instance runs behind traefik. ```yaml labels: - "traefik.enable=true" - "traefik.http.routers.pocket-id.entrypoints=websecure" - "traefik.http.routers.pocket-id.rule=Host(`pocket-id.home.lan`)" - "traefik.http.routers.pocket-id.tls=true" - "traefik.http.services.pocket-id.loadbalancer.server.port=1411" ``` Click on Sign in using PocketID ### Expected behavior i would expect that gitea will redirect to the url which was specified in `APP_URL` ### Actual Behavior The browser will be redirected to http://localhost:1411 ### Version and Environment v1.1.0 `APP_URL=https://pocket-id.home.lan` ### Log Output _No response_

OVERLORD added the bug label 2025-10-07 23:57:04 +03:00

OVERLORD closed this issue 2025-10-07 23:57:05 +03:00

OVERLORD commented 2025-10-07 23:57:06 +03:00

Author

Owner

Copy Link

@P1tt187 commented on GitHub:

Hi @Fuckingnameless, I edited the description. Now it contains the labels

@P1tt187 commented on GitHub: Hi @Fuckingnameless, I edited the description. Now it contains the labels

OVERLORD commented 2025-10-07 23:57:07 +03:00

Author

Owner

Copy Link

@stonith404 commented on GitHub:

I'm converting this to a discussion as this doesn't seem related directly to Pocket ID but Traefik. I don't use Traefik so I can't really help you here but maybe someone else can.

@stonith404 commented on GitHub: I'm converting this to a discussion as this doesn't seem related directly to Pocket ID but Traefik. I don't use Traefik so I can't really help you here but maybe someone else can.

OVERLORD commented 2025-10-07 23:57:07 +03:00

Author

Owner

Copy Link

@gilbrotheraway commented on GitHub:

can you share the traefik labels you use on the pocket id container

@gilbrotheraway commented on GitHub: can you share the traefik labels you use on the pocket id container

OVERLORD commented 2025-10-07 23:57:07 +03:00

Author

Owner

Copy Link

@P1tt187 commented on GitHub:

It tryes to perform a request to tis location

curl 'http://localhost:1411/authorize?client_id=xxxx^&redirect_uri=https%3A%2F%2Fxxxxxxx%2Fuser%2Foauth2%2FPocketID%2Fcallback^&response_type=code^&scope=openid+email+profile+picture+openid^&state=xxxxxx' 

as i investigated, this the redirect header from pocket-id points to this location
this worked fine with the versions that had caddy included

@P1tt187 commented on GitHub: It tryes to perform a request to tis location ``` curl 'http://localhost:1411/authorize?client_id=xxxx^&redirect_uri=https%3A%2F%2Fxxxxxxx%2Fuser%2Foauth2%2FPocketID%2Fcallback^&response_type=code^&scope=openid+email+profile+picture+openid^&state=xxxxxx' ``` as i investigated, this the redirect header from pocket-id points to this location this worked fine with the versions that had caddy included

OVERLORD referenced this issue 2025-10-08 00:19:54 +03:00

[PR #191] [MERGED] docs: Add Immich and Headscale client examples #929

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

oidc-scopes

breaking/v2

i18n_crowdin

v2/use-item-component

default-env-db-keys

slog-gorm

v1.16.0

v1.15.0

v1.14.2

v1.14.1

v1.14.0

v1.13.1

v1.13.0

v1.12.0

v1.11.2

v1.11.1

v1.11.0

v1.10.0

v1.9.1

v1.9.0

v1.8.1

v1.8.0

v1.7.0

v1.6.4

v1.6.3

v1.6.2

v1.6.1

v1.6.0

v1.5.0

v1.4.1

v1.4.0

v1.3.1

v1.3.0

v1.2.0

v1.1.0

v1.0.0

v0.53.0

v0.52.0

v0.51.1

v0.51.0

v0.50.0

v0.49.0

v0.48.0

v0.47.0

v0.46.0

v0.45.0

v0.44.0

v0.43.1

v0.43.0

v0.42.1

v0.42.0

v0.41.0

v0.40.1

v0.40.0

v0.39.0

v0.38.0

v0.37.0

v0.36.0

v0.35.6

v0.35.5

v0.35.4

v0.35.3

v0.35.2

v0.35.1

v0.35.0

v0.34.0

v0.33.0

v0.32.0

v0.31.0

v0.30.0

v0.29.0

v0.28.1

v0.28.0

v0.27.2

v0.27.1

v0.27.0

v0.26.0

v0.25.1

v0.25.0

v0.24.1

v0.24.0

v0.23.0

v0.22.0

v0.21.0

v0.20.1

v0.20.0

v0.19.0

v0.18.0

v0.17.0

v0.16.0

v0.15.0

v0.14.0

v0.13.1

v0.13.0

v0.12.0

v0.11.0

v0.10.0

v0.9.0

v0.8.1

v0.8.0

v0.7.1

v0.7.0

v0.6.0

v0.5.3

v0.5.2

v0.5.1

v0.5.0

v0.4.1

v0.4.0

v0.3.1

v0.3.0

v0.2.1

v0.2.0

v0.1.3

v0.1.2

v0.1.1

v0.1.0

Labels

Clear labels

breaking

bug

documentation

feature

needs more upvotes

open to pull requests

pull-request

Mirrored from GitHub Pull Request

No Label bug

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/pocket-id-pocket-id-1#191