From aa9ce8b6dbdbe20794d111a6ba6e65b52e079d7e Mon Sep 17 00:00:00 2001
From: Tom Hughes <tom@compton.nu>
Date: Tue, 20 Apr 2021 18:52:57 +0100
Subject: [PATCH] Allow OAuth 2 to redirect to plain HTTP for localhost

---
 config/initializers/doorkeeper.rb | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/config/initializers/doorkeeper.rb b/config/initializers/doorkeeper.rb
index bc70f02f0..532e97256 100644
--- a/config/initializers/doorkeeper.rb
+++ b/config/initializers/doorkeeper.rb
@@ -241,7 +241,9 @@ Doorkeeper.configure do
   # #call can be used in order to allow conditional checks (to allow non-SSL
   # redirects to localhost for example).
 
-  force_ssl_in_redirect_uri !Rails.env.development?
+  force_ssl_in_redirect_uri do |uri|
+    !Rails.env.development? && uri.host != "127.0.0.1"
+  end
 
   # Specify what redirect URI's you want to block during Application creation.
   # Any redirect URI is whitelisted by default.
-- 
2.39.5