luis-serra-ki edited a comment on issue #12499:
URL: https://github.com/apache/airflow/issues/12499#issuecomment-808928030
Hello guys,
I'm having a similar problem. I'm running airflow on a kubernetes cluster,
and I'm using NGINX as my ingress controller, so all my certificates are being
provided/managed by it, and I saw that because of this, airflow are making the
auth request with the field redirect_uri using HTTP, but on Azure side, on
Authentication App settings there is no way to add an HTTP redirect uri and I'm
getting always this error: `AADSTS50011: The reply URL specified in the request
does not match the reply URLs configured for the application:
'ddb79b88-b450-48d2-bfea-3ea215508dd2'.`
Is there any way to override the redirect_uri parameter? I tried this but
isn't working:
```
OAUTH_PROVIDERS = [
{
"name": "azure",
"icon": "fa-windows",
"token_key": "access_token",
"remote_app": {
"client_id": os.environ.get("AZURE_APP_ID"),
"client_secret": os.environ.get("AZURE_CLIENT_SECRET"),
"redirect_uri" :
"https://airflow.my-domain.com/oauth-authorized/azure";,
"base_url": "https://graph.microsoft.com/v1.0/";,
"request_token_params": {
"scope": "User.read email profile",
"resource": os.environ.get("AZURE_APPLICATION_ID"),
},
"request_token_url": None,
"access_token_url": azure_authority + "/token",
"authorize_url": azure_authority + "/authorize",
},
},
]
```
There is any workaround for this problem?
I made another test, using burp suite to intercept the requests and change
the values of the parameters which worked from azure side, but then I got an
error from airflow side, because the first request was made with HTTP and the
reply is using https.
Thanks
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
