configure http proxy in config file

shashankbrgowda · shashankbrgowda · commit e5aae1d64a20 · 2025-12-08T13:24:28.000Z
diff --git a/packages/apollo-collaboration-server/src/app.module.ts b/packages/apollo-collaboration-server/src/app.module.ts
@@ -108,6 +108,7 @@ const validationSchema = Joi.object({
     })
     .default(''),
   PLUGIN_URLS_FILE: Joi.string(),
+  OAUTH_HTTP_PROXY: Joi.string(),
 })
   .xor('MONGODB_URI', 'MONGODB_URI_FILE')
   .oxor('GOOGLE_CLIENT_ID', 'GOOGLE_CLIENT_ID_FILE')
diff --git a/packages/apollo-collaboration-server/src/utils/strategies/google.strategy.ts b/packages/apollo-collaboration-server/src/utils/strategies/google.strategy.ts
@@ -15,6 +15,7 @@ interface ConfigValues {
   GOOGLE_CLIENT_SECRET_FILE?: string
   URL: string
   PORT: number
+  OAUTH_HTTP_PROXY?: string
 }
 
 @Injectable()
@@ -65,17 +66,16 @@ export class GoogleStrategy extends PassportStrategy(Strategy) {
     })
 
     // Apply proxy to OAuth2 instance
-    const proxy = process.env.HTTPS_PROXY ?? process.env.HTTP_PROXY
+    const proxy = configService.get('OAUTH_HTTP_PROXY', { infer: true })
     if (proxy) {
       const agent = new HttpsProxyAgent(proxy)
 
       // Access the internal OAuth2 instance and set the agent
       // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-explicit-any, @typescript-eslint/no-unsafe-member-access
       const oauth2 = (this as any)._oauth2
       if (oauth2) {
-        // https://github.com/ciaranj/node-oauth/blob/master/lib/oauth2.js#L20
         // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access
-        oauth2._agent = agent
+        oauth2.setAgent = agent
         this.logger.debug(`GoogleStrategy configured to use proxy: ${proxy}`)
       }
     }
diff --git a/packages/apollo-collaboration-server/src/utils/strategies/microsoft.strategy.ts b/packages/apollo-collaboration-server/src/utils/strategies/microsoft.strategy.ts
@@ -3,6 +3,7 @@ import fs from 'node:fs'
 import { Injectable, Logger } from '@nestjs/common'
 import { ConfigService } from '@nestjs/config'
 import { PassportStrategy } from '@nestjs/passport'
+import { HttpsProxyAgent } from 'https-proxy-agent'
 import { Strategy } from 'passport-microsoft'
 
 import { AuthenticationService } from '../../authentication/authentication.service'
@@ -22,6 +23,7 @@ interface ConfigValues {
   MICROSOFT_CLIENT_SECRET_FILE?: string
   URL: string
   PORT: number
+  OAUTH_HTTP_PROXY?: string
 }
 
 @Injectable()
@@ -72,6 +74,23 @@ export class MicrosoftStrategy extends PassportStrategy(Strategy) {
       scope: ['user.read'],
       store: true,
     })
+
+    // Apply proxy to OAuth2 instance
+    const proxy = configService.get('OAUTH_HTTP_PROXY', { infer: true })
+    if (proxy) {
+      const agent = new HttpsProxyAgent(proxy)
+
+      // Access the internal OAuth2 instance and set the agent
+      // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-explicit-any, @typescript-eslint/no-unsafe-member-access
+      const oauth2 = (this as any)._oauth2
+      if (oauth2) {
+        // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access
+        oauth2.setAgent = agent
+        this.logger.debug(
+          `Microsoft Strategy configured to use proxy: ${proxy}`,
+        )
+      }
+    }
   }
 
   async validate(accessToken: string, refreshToken: string, profile: Profile) {
diff --git a/packages/website/docs/02-installation/04-configuration-options.md b/packages/website/docs/02-installation/04-configuration-options.md
@@ -105,4 +105,7 @@ MICROSOFT_CLIENT_SECRET=client_secret_here
 # Alternatively, can be a path to a file with a list of plugin URLs, one URL per
 # line
 # PLUGIN_URLS_FILE=/data/plugin-urls
+
+# HTTP/HTTPS proxy for OAuth requests, if your server is behind a proxy
+# OAUTH_HTTP_PROXY=http://proxy.example.com:8080
 ```
