From c152f619da4a0a0ca190d5f918594e1af299035e Mon Sep 17 00:00:00 2001
From: bstewartlg <114590619+bstewartlg@users.noreply.github.com>
Date: Fri, 28 Jun 2024 19:22:20 -0400
Subject: [PATCH] Auth url change

---
 .../java/org/hl7/davinci/priorauth/endpoint/Metadata.java    | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/main/java/org/hl7/davinci/priorauth/endpoint/Metadata.java b/src/main/java/org/hl7/davinci/priorauth/endpoint/Metadata.java
index 5eebd9e6..37876ce7 100644
--- a/src/main/java/org/hl7/davinci/priorauth/endpoint/Metadata.java
+++ b/src/main/java/org/hl7/davinci/priorauth/endpoint/Metadata.java
@@ -7,6 +7,7 @@
 
 import javax.servlet.http.HttpServletRequest;
 
+import org.apache.commons.lang3.StringUtils;
 import org.hl7.davinci.priorauth.App;
 import org.hl7.davinci.priorauth.Audit;
 import org.hl7.davinci.priorauth.FhirUtils;
@@ -179,6 +180,10 @@ private CapabilityStatementRestSecurityComponent getSecurity(HttpServletRequest
     if (System.getenv("TOKEN_BASE_URI") != null && !System.getenv("TOKEN_BASE_URI").isBlank()) {
       uriBase = System.getenv("TOKEN_BASE_URI");
     }
+    else if (StringUtils.isNotBlank(request.getHeader("X-Forwarded-Proto")) && StringUtils.isNotBlank(request.getHeader("X-Forwarded-Host"))) {
+      uriBase = request.getHeader("X-Forwarded-Proto") + "://" + request.getHeader("X-Forwarded-Host");
+    }
+
     Extension tokenUri = new Extension("token", new UriType(uriBase + "/fhir/auth/token"));
     Extension authorizeUri = new Extension("authorize", new UriType(uriBase + "/fhir/auth/authorize"));
     oauthUris.addExtension(tokenUri);