We are using the Google OAuth2 provider to allow user to log in. Here is some documentation on how to set that up: http://serpentcs.com/serpentcs-how-to-connect-to-odoo-using-google-account-339
We recently enabled https for our site.
We have been able to make this work using the below Apache Proxy config and by adding both http and https urls in the Google Console as authorized redirect urls.
There has been a bug-report by other people struggling with this: https://github.com/odoo/odoo/issues/24882
Although it works, one thing is not clean: the url that links to google contains http://mysite.com redirect_uri. So a small part of the communication still goes through plain http. This is not a big issue in itself except that it is not unlikely that google will one day decide that plain-http urls are no longer allowed. I'd rather not wait till that day comes to figure out what to do.
The Odoo documentation for setting up https uses nginx as example. There I see some configuration for setting some hearders. Would that solve this issue and if so, would it be possible to achieve the same with apache?
Our apache config:
<VirtualHost *:80> ServerAlias www.mysite.com ServerAlias mysite.com ServerAdmin admin@mysite.com DocumentRoot /var/www
Redirect / https://mysite.com/ </VirtualHost>
<VirtualHost *:443>
ServerAlias www.mysite.com ServerAlias mysite.com ServerAdmin admin@mysite.com DocumentRoot /var/www ErrorLog ${APACHE_LOG_DIR}/odoo.error.log CustomLog ${APACHE_LOG_DIR}/odoo.access.log combined ProxyPass / http://192.168.1.1:8069/ ProxyPassReverse / http://192.168.1.1:8069/ SSLEngine on SSLCertificateFile /etc/ssl/cert/mysite_com.crt SSLCertificateKeyFile /etc/ssl/cert/www_mysite_com.key SSLCertificateChainFile /etc/ssl/cert/mysite_com.ca-bundle </VirtualHost>