问题
I have an Ubuntu 14.04 server and I have a meteor application that runs at localhost:3000 on this server. The public FQDN of my server is sub.example.com. The meteor application uses Google OAuth 2.0, I have the following configured in the Google API Console:
URI REDIRECTION
http://sub.example.com/_oauth/google
http://sub.example.com/_oauth/google?close
ORIGINES JAVASCRIPT
http://sub.example.com
My Nginx config file looks like this:
server {
listen 80 default_server;
server_name sub.example.com www.sub.example.com;
location / {
proxy_set_header HOST $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://localhost:3000;
}
}
The proxy works and I can access my meteor application when I go to sub.example.com. But when in this application I try to use Google OAuth 2.0, a pop up opens as it should and I get :
Error: redirect_uri_mismatch
The redirect URI in the request: http://localhost:3000/_oauth/google?close did not match a registered redirect URI.
I have played with the header in the nginx config file with no luck.
I'm obviously missing something.
回答1:
You should rewrite the Location headers that your backend sends to Nginx described in http://wiki.nginx.org/HttpProxyModule#proxy_redirect, so:
proxy_redirect http://localhost:3000/_oauth/google http://sub.example.com/_oauth/google;
the other option, that would work for popup-style login as well is to set the ROOT_URL environment variable for Meteor at startup as follows:
ROOT_URL="http://sub.example.com" PORT=3000 node main.js
来源:https://stackoverflow.com/questions/28674550/nginx-proxy-with-google-oauth-2-0