Azure AD login redirect URL is http instead of https

I am working on the jsp-springboot application. I have implemented SSO using Azure, and it is working as expected in my local sandbox. As per the document https://docs.microsoft.com/en-us/azure/developer/java/spring-framework/configure-spring-boot-starter-java-app-with-azure-active-directory

I have configured

azure.activedirectory.tenant-id

azure.activedirectory.client-id

azure.activedirectory.client-secret

Also, I have added the redirect URL in the Azure portal. I have not added any configuration classes other than these changes, and I am able to log in successfully in my local sandbox. For the local sandbox I have configured the redirect URL as http://localhost/appname/login/oauth2/code/ and for the QA environment it is https://qadomain/appname/login/oauth2/code/. During the SSO login, the local sandbox login is successful, but for QA the URL redirects to

https://login.microsoftonline.com/********/oauth2/v2.0/authorize?
response_type=code&client_id=********&scope=openid%20profile%20offline_access&
state=******&**redirect_uri=http://qadomain/appname/login/oauth2/code/**&nonce=******

The redirect_uri is http instead of https. This URL redirect happens from the Azure side automatically and I have no control over this. Can I know why the protocol is http and not https?

I have added certain properties in the application.properties as well:

security.oauth2.client.use-current-uri=false
server.tomcat.remote-ip-header=x-forwarded-for
server.tomcat.protocol-header=x-forwarded-proto
server.tomcat.use-relative-redirects=true
server.forward-headers-strategy=NATIVE
server.use-forward-headers=true
server.tomcat.internal-proxies=.*
server.tomcat.redirect-context-root=false


Solution 1:[1]

Try adding the line below to the application.properties file along with the Tomcat server properties:

Set spring.security.oauth2.client.registration.azure.redirect-uri-template in the application.properties.

Example: spring.security.oauth2.client.registration.azure.redirect-uri=https://{baseHost}{basePort}{basePath}/login/oauth2/code/azure

or

If needed, place the app URL in place of localhost and port.

Or try adding the azure.activedirectory.redirect-uri-template: https://app.example.com/login/oauth2/code/ property.

And make sure to set the required redirect URLs in the portal too.

Please check the references below.

References:

  1. Spring OAuth redirect_uri not using https - Stack Overflow
  2. azure - Spring redirect happening to "http://...../login" instead of "https://...../login" - Stack Overflow
  3. Spring boot application with Azure AD throws Reply URL does not match - Stack Overflow

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 kavyasaraboju-MT
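
The following is an added example, not code from the question, the answer, Spring or Tomcat. It is a simplified model of how an app behind a TLS-terminating proxy picks the scheme for `redirect_uri`, and of how the `internal-proxies` regex decides whether `X-Forwarded-Proto` is believed. The proxy address `10.0.0.5`, the peer `203.0.113.9` and all function names are assumptions made for illustration.

```python
import re

# Constructed values modelled on the question: the reply URL registered in the
# Azure portal for QA, and a TLS-terminating proxy in front of the app.
REGISTERED_REPLY_URLS = {"https://qadomain/appname/login/oauth2/code/"}
PROXY_IP = "10.0.0.5"                 # assumed proxy address
NARROW_TRUST = r"10\.0\.0\.\d{1,3}"   # only the proxy subnet is trusted
TRUST_ALL = r".*"                     # value used in the question


def effective_scheme(peer_ip, headers, conn_scheme, trusted_regex):
    """Scheme the app attributes to the request.

    X-Forwarded-Proto is honoured only when the directly connected peer
    fully matches the trusted-proxy regex; otherwise the scheme of the
    connection the app itself sees is used.
    """
    proto = headers.get("x-forwarded-proto", "").strip().lower()
    if proto in ("http", "https") and re.fullmatch(trusted_regex, peer_ip):
        return proto
    return conn_scheme


def build_redirect_uri(peer_ip, headers, trusted_regex,
                       host="qadomain", base_path="/appname"):
    # The proxy-to-app hop is plain http in this model.
    scheme = effective_scheme(peer_ip, headers, "http", trusted_regex)
    return f"{scheme}://{host}{base_path}/login/oauth2/code/"


def audit(peer_ip, headers, trusted_regex):
    """Return (redirect_uri, matches_registered_reply_url) for one request."""
    uri = build_redirect_uri(peer_ip, headers, trusted_regex)
    return uri, uri in REGISTERED_REPLY_URLS


if __name__ == "__main__":
    fwd = {"x-forwarded-proto": "https"}
    cases = [
        ("proxy sends no header", PROXY_IP, {}, NARROW_TRUST),
        ("proxy sends header", PROXY_IP, fwd, NARROW_TRUST),
        ("non-proxy peer, narrow trust", "203.0.113.9", fwd, NARROW_TRUST),
        ("non-proxy peer, trust-all", "203.0.113.9", fwd, TRUST_ALL),
    ]
    for label, ip, hdrs, trust in cases:
        print(f"{label:30} -> {audit(ip, hdrs, trust)}")
```

The first case reproduces the symptom in the question: without a believed `X-Forwarded-Proto`, the app builds an `http` redirect URI that does not match the registered reply URL. The last two cases show why a regex scoped to the proxy's addresses is preferable to `.*`, which accepts the header from any peer.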