From 68c130bd84d52adff6a78e16d3c1e44a80c70621 Mon Sep 17 00:00:00 2001
From: Anthony LC <anthony.le-courric@mail.numerique.gouv.fr>
Date: Fri, 12 Apr 2024 14:06:30 +0200
Subject: [PATCH] =?UTF-8?q?=F0=9F=94=A7(backend)=20activate=20https=20on?=
 =?UTF-8?q?=20oidc=20redirection?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

mozilla-django-oidc didn't add the https://
prefix to the redirect_uri.
We set the option SECURE_PROXY_SSL_HEADER to
('HTTP_X_FORWARDED_PROTO', 'https') in the
settings.py file to force the https prefix.
---
 src/backend/impress/settings.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/backend/impress/settings.py b/src/backend/impress/settings.py
index 929f383d..fef1a81a 100755
--- a/src/backend/impress/settings.py
+++ b/src/backend/impress/settings.py
@@ -500,6 +500,7 @@ class Production(Base):
     #
     # In other cases, you should comment the following line to avoid security issues.
     # SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
+    SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
 
     # Modern browsers require to have the `secure` attribute on cookies with `Samesite=none`
     CSRF_COOKIE_SECURE = True