Omniauth and open_id with Google broken when running behind nginx in SSL mode Omniauth and open_id with Google broken when running behind nginx in SSL mode nginx nginx

Omniauth and open_id with Google broken when running behind nginx in SSL mode


Found your problem, I am still trying to find something cleaner but here is the quick & dirty fix:

add this in your config/initializers/omniauth.rb:

class Rack::OpenID  def realm_url(req)    'https://localhost:3000'  endend

And now for the explanation: when the rack-openid gem builds the request to send to the google openid server it fails in one spot using the rails application access url and not the nginx one (wich uses ssl) resulting in this being sent to the openid server:

openid.realm:http://localhost:3001openid.return_to:https://localhost:3001/auth/open_id/callback

The realm use the http url (rails url) while the return_to points to the right https url (nginx), when the openid server sees this it stops and return an error.

PS: I will edit the answer if I manage to find a cleaner way.


Most likely you need to configure your google app callback URL to add https instead of http.

I have multiple apps setup one for testing with rails s and another staging deployment and another for when I deploy to production.