nucleo000/seguidorDeLotes
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add internal Authentik URL for server-to-server communication
All checks were successful
build-and-deploy / build (push) Successful in 7s
Details
build-and-deploy / deploy (push) Successful in 3s
Details

Browse Source 
This fixes ETIMEDOUT errors when exchanging OAuth tokens. The container
now uses the Docker internal service name (authentiknucleo-server-1:9000)
for server-to-server API calls while keeping the public URL for browser
redirects.

Changes:
- Add NUXT_OAUTH_AUTHENTIK_SERVER_URL_INTERNAL env var
- Use internal URL for token exchange and userinfo endpoints
- Update docker-compose.yml and Gitea workflow
This commit is contained in:
josedario87
2025-10-11 18:47:41 -06:00
parent c681c8579d
commit db4a79e617
4 changed files with 9 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
nuxt4-app/server/api/auth/authentik.get.ts
View File

@@ -16,12 +16,14 @@ export default defineEventHandler(async (event) => {
clientId: runtimeConfig.oauth.authentik.clientId,
clientSecret: runtimeConfig.oauth.authentik.clientSecret,
serverUrl: runtimeConfig.oauth.authentik.serverUrl,
serverUrlInternal: runtimeConfig.oauth.authentik.serverUrlInternal || runtimeConfig.oauth.authentik.serverUrl,
redirectURL: runtimeConfig.oauth.authentik.redirectURL,
scope: ['openid', 'profile', 'email'],
}
console.log('OAuth Authentik - Iniciando flujo:', {
serverUrl: config.serverUrl,
serverUrlInternal: config.serverUrlInternal,
redirectURL: config.redirectURL,
hasCode: !!query.code
})
@@ -29,8 +31,8 @@ export default defineEventHandler(async (event) => {
// Handle OAuth callback
if (query.code) {
try {
// Exchange code for tokens
const tokenUrl = `${config.serverUrl}/application/o/token/`
// Exchange code for tokens (usar URL interna para comunicación servidor-a-servidor)
const tokenUrl = `${config.serverUrlInternal}/application/o/token/`
const tokenResponse = await $fetch(tokenUrl, {
method: 'POST',
headers: {
@@ -47,8 +49,8 @@ export default defineEventHandler(async (event) => {
const tokens = tokenResponse as any
// Get user info
const userInfoUrl = `${config.serverUrl}/application/o/userinfo/`
// Get user info (usar URL interna para comunicación servidor-a-servidor)
const userInfoUrl = `${config.serverUrlInternal}/application/o/userinfo/`
const user = await $fetch(userInfoUrl, {
headers: {
Authorization: `Bearer ${tokens.access_token}`,