Allow forcing HTTPS in URL generation (#92)

* Force HTTPS feature * Add docs
2025-07-16 12:21:11 +02:00
parent 054f0e4bca
commit e22f960d69
7 changed files with 51 additions and 15 deletions
--- a/custom_components/auth_oidc/endpoints/callback.py
+++ b/custom_components/auth_oidc/endpoints/callback.py
@@ -17,10 +17,14 @@ class OIDCCallbackView(HomeAssistantView):
    name = "auth:oidc:callback"

    def __init__(
-        self, oidc_client: OIDCClient, oidc_provider: OpenIDAuthProvider
+        self,
+        oidc_client: OIDCClient,
+        oidc_provider: OpenIDAuthProvider,
+        force_https: bool,
    ) -> None:
        self.oidc_client = oidc_client
        self.oidc_provider = oidc_provider
+        self.force_https = force_https

    async def get(self, request: web.Request) -> web.Response:
        """Receive response."""
@@ -38,7 +42,7 @@ class OIDCCallbackView(HomeAssistantView):
            )
            return web.Response(text=view_html, content_type="text/html")

-        redirect_uri = get_url("/auth/oidc/callback")
+        redirect_uri = get_url("/auth/oidc/callback", self.force_https)
        user_details = await self.oidc_client.async_complete_token_flow(
            redirect_uri, code, state
        )
@@ -63,4 +67,6 @@ class OIDCCallbackView(HomeAssistantView):
            return web.Response(text=view_html, content_type="text/html")

        code = await self.oidc_provider.async_save_user_info(user_details)
-        return web.HTTPFound(get_url("/auth/oidc/finish?code=" + code))
+        return web.HTTPFound(
+            get_url("/auth/oidc/finish?code=" + code, self.force_https)
+        )
--- a/custom_components/auth_oidc/endpoints/redirect.py
+++ b/custom_components/auth_oidc/endpoints/redirect.py
@@ -17,13 +17,14 @@ class OIDCRedirectView(HomeAssistantView):
    url = PATH
    name = "auth:oidc:redirect"

-    def __init__(self, oidc_client: OIDCClient) -> None:
+    def __init__(self, oidc_client: OIDCClient, force_https: bool) -> None:
        self.oidc_client = oidc_client
+        self.force_https = force_https

    async def get(self, _: web.Request) -> web.Response:
        """Receive response."""

-        redirect_uri = get_url("/auth/oidc/callback")
+        redirect_uri = get_url("/auth/oidc/callback", self.force_https)
        auth_url = await self.oidc_client.async_get_authorization_url(redirect_uri)

        if auth_url:
--- a/custom_components/auth_oidc/endpoints/welcome.py
+++ b/custom_components/auth_oidc/endpoints/welcome.py
@@ -14,15 +14,16 @@ class OIDCWelcomeView(HomeAssistantView):
    url = PATH
    name = "auth:oidc:welcome"

-    def __init__(self, name: str, is_frontend_injection_enabled: bool) -> None:
+    def __init__(self, name: str, is_enabled: bool, force_https: bool) -> None:
        self.name = name
-        self.is_enabled = not is_frontend_injection_enabled
+        self.is_enabled = is_enabled
+        self.force_https = force_https

    async def get(self, _: web.Request) -> web.Response:
        """Receive response."""

        if not self.is_enabled:
-            return web.HTTPTemporaryRedirect(get_url("/"))
+            return web.HTTPTemporaryRedirect(get_url("/", self.force_https))

        view_html = await get_view("welcome", {"name": self.name})
        return web.Response(text=view_html, content_type="text/html")