rewrite of location string causes 404 on id_token and access_token refresh #101
Description
If Nginx config has a location block which is changed via rewrite, when the id_token and access_token times out and refreshes the rewritten URL is not found and a 404 page experienced with logs indicating URL and file not found.
e.g.
location /my-site/contact {
rewrite ^/my-site/(/.*)$ $1 break;
}
So the link becomes /contact
I’ve traced this issue I experienced to the function retryOriginalRequest in the openid_connect.js file and this function is using the uri variable.
If I update uri to request_uri I don’t have any 404 errors and the logs don’t show the URL or file was not found.
e.g.
function retryOriginalRequest(r) {
delete r.headersOut["WWW-Authenticate"]; // Remove evidence of original failed auth_jwt
//r.internalRedirect(r.variables.uri + r.variables.is_args + (r.variables.args || '')); // Original
r.internalRedirect(r.variables.request_uri + r.variables.is_args + (r.variables.args || '')); // Allows rewrite URLs
}
Please review if this change is suitable for a wider audience and make the repo changes if relevant.
Thanks