fix(converters): Ensure x-forwarded-proto is set to http when running locally

[sommeeeer]

Discussed in #686 over at opennextjs-cloudflare

next-auth and possibly more libraries rely on the x-forwarded-proto header to be http to work out of the box when run locally. In next start or next dev they set this to http when ran locally.

To make opennextjs-cloudflarejs preview and our node converter when running OpenNext locally behave the same we would want to set this header to http. This would make the user not have to set an AUTH_URL in those modes.

[changeset-bot]

🦋 Changeset detected

Latest commit: 455985e

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 3 packages

Name	Type
@opennextjs/aws	Patch
app-pages-router	Patch
app-router	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[pkg-pr-new]

Open in StackBlitz

pnpm add https://pkg.pr.new/@opennextjs/aws@887

commit: 455985e

[sommeeeer]

I have to dig a bit further on this one. Turns out you might need an AUTH_URL after all.

[sommeeeer]

Im using this repo to test out. First build the repo with pnpm next build && pnpm next start and you can see it works fine.
Username: john@opennext.com
Password: password

However when in wrangler dev (or running express-dev/node) for some reason the callbackUrl here will have https even when I set this in the edge converter:

// this is for the redirects to work with http
process.env.__NEXT_PRIVATE_ORIGIN = url.origin;
// this makes the signin button redirect to http
headers["x-forwarded-proto"] = "http";

Remember to change the overrides path in package.json. After you have added those things above in the edge converter in your opennextjs-aws repo and built it, go and build the next-auth-test project with pnpm install && pnpm preview -- --port 3000. If you click on the # with Credentials button, you will get sent to a page with this form:

Notice the https and not http like in next start. Thats make this form action not work out of the box. You can set an AUTH_URL and it will work, but im trying to get this to work like with next start. Still digging to figure out whats causing this.

[sommeeeer]

Alright, this one was a bit harder to debug than I initially thought.

Turns out this is related to request.url being wrong in API routes when running OpenNext locally. The url is https.... even though you are running locally with http.

next-auth uses this url from the request object in its API handlers on /app/api/auth/[...nextauth]/route.ts.

There is some workarounds (AUTH_URL, or creating your custom signin page), but im not sure whats causing this yet, or if its even possible to fix. I checked and the req.url is correct here:

opennextjs-aws/packages/open-next/src/core/requestHandler.ts

Line 259 in 68bb9b0

await requestHandler(requestMetadata)(req, res);

To see this yourself you can just add an API route in your app and run OpenNext locally either via opennextjs-cloudflare preview or node .open-next/server-functions/default/index.mjs:

import { NextRequest } from "next/server";

export async function GET(request: NextRequest) {
  return Response.json({
    // when running OpenNext locally this url with https when it should not
    url: request.url,
  })
}