Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dpop check failing with nginx as a webserver #17

Open
ylebre opened this issue Apr 29, 2021 · 2 comments
Open

Dpop check failing with nginx as a webserver #17

ylebre opened this issue Apr 29, 2021 · 2 comments

Comments

@ylebre
Copy link
Member

ylebre commented Apr 29, 2021

The HTTP_AUTHORIZATION server param is not set by the Nginx webserver, which is expected by Utils/DPop.php (around line 12). This causes a 500 internal server error in solid-nextcloud when trying to access the storage url (https://nextcloud/apps/solid/@user/storage/.

Expected behaviour is that it would return the files listing.
@ylebre ylebre mentioned this issue Apr 29, 2021
Closed
@Potherca
Copy link
Member

To make sure it doesn't get lost in the noise, I am copy/pasting this relevant comment from #43 here:

We have managed to log in in our app with nginx using the webid created by your plugin in nexcloud.

In order to make it work with NGINX:

  • We have added the below to nextcloud.conf

       location = /.well-known/openid-configuration {
     add_header Access-Control-Allow-Origin "*";
     return 302 $scheme://$host:$server_port/apps/solid/openid;
   }

  • We also have added with brute force the following to site.conf

        #add_header Access-Control-Allow-Origin https://pr8.io;
    add_header Access-Control-Allow-Origin $http_origin;
    #add_header Access-Control-Allow-Origin http://localhost:3000;
    add_header Access-Control-Allow-Credentials true;
    add_header Access-Control-Allow-Headers "*, allow, authorization, content-type, dpop, slug, link, accept, map";
    add_header Access-Control-Allow-Methods "GET, PUT, POST, OPTIONS, DELETE, PATCH";
    add_header Accept-Patch "application/sparql-update";
    add_header Access-Control-Expose-Headers "Authorization, User, Location, Link, Vary, Last-Modified, ETag, Accept-Patch, Accept-Post, Updates-Via, Allow, WAC-Allow, Content-Length, WWW-Authenticate, MS-Author-Via";
    proxy_pass_request_headers on;
    proxy_no_cache $cookie_nocache $arg_nocache$arg_comment;
    proxy_no_cache $http_pragma $http_authorization;
    proxy_cache_bypass $cookie_nocache $arg_nocache $arg_comment;
    proxy_cache_bypass $http_pragma $http_authorization;
    proxy_set_header HTTP_AUTHORIZATION $http_authorization

Originally posted by @ch1ch0gz in pdsinterop/solid-nextcloud#43 (comment)

@ylebre
Copy link
Member Author

ylebre commented Sep 30, 2022

All the CORS headers should no longer be needed in the site configuration, these are now set from the application layer instead of the webserver layer.

The proxy_set_header for HTTP_AUTHORIZATION should probably still be there.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
Solid Servers
Status: No status
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Potherca @ylebre