I have a settings with Keycloak as identity manager and NGINX with openresty lua nginx module in-front
I have a fairly simple scenario where I am trying to access my application which is protected.
AS I don’t have a session I am being redirected to Keycloak’s login page
I enter my credentials, authentication is done successfully and a redirect_uri is sent back to the browser.
The flow I just described works perfectly when the browser I am using is Chrome/FireFox running on Windows/Ubuntu/Android
However when I try to access my application from iOS none of the browser I tried works
on iOS after receiving the login page and entering my credentials, the browser waits and then display some general error page
From the NGINX logs I can see that the redirect_uri is returned to the browser but it is as if the browser fails to follow it
From NGINX perspective there is no difference in the logs between a successful and fail scenario meaning on both scenarios the logs are the same suggesting the problem is not in the flow itself
This is an example of the redirect_uri I see being sent to the browser
188.8.131.52 - - [05/Nov/2019:07:53:40 +0000] “GET /redirect_uri?state=7a03428a763e0946fe0c719bb2df31f8&session_state=1bdbf462-90e7-43d4-a024-4a69d880a27d&code=ff52bf7f-c4ca-443b-b6d0-1c235dfe75fa.1bdbf462-90e7-43d4-a024-4a69d880a27d.72292c6d-d0d8-4a19-90a4-1d0d7b63656a HTTP/2.0” 302 167 “https://qa-enrichment.cellebrite.com/auth/realms/pointer/protocol/openid-connect/auth?response_type=code&client_id=client-proxy&state=7a03428a763e0946fe0c719bb2df31f8&redirect_uri=https%3A%2F%2Fqa-enrichment.cellebrite.com%2Fredirect_uri&nonce=e8c1e2aa4801835fdbc3cbd67da97637&scope=openid” “Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36”
Did anyone encountered this behavior? has any idea what happens?