Fixes for OAuth via proxy

[TheoMathurin]

The goal is to address issues mentioned in #3555

For starters, I believe the test_auth0_oauth_via_proxy test function does not actually test the proxy mechanism because the page is accessed via the wrong port, bypassing the reverse proxy.

Let's see if the test still passes (I don't want to create an Auth0 account to get a key so I can't check it locally).

[codecov]

Codecov Report

❌ Patch coverage is 0% with 3 lines in your changes missing coverage. Please review.
✅ Project coverage is 85.90%. Comparing base (152157c) to head (1c6a884).
⚠️ Report is 25 commits behind head on main.

Files with missing lines	Patch %	Lines
panel/tests/ui/test_auth.py	0.00%	3 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #8211      +/-   ##
==========================================
- Coverage   86.01%   85.90%   -0.12%     
==========================================
  Files         348      348              
  Lines       53985    53986       +1     
==========================================
- Hits        46435    46376      -59     
- Misses       7550     7610      +60     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[TheoMathurin]

So the test passes, which based on my own real-world tests just means that the test is flawed. It would be great if someone could reproduce the issue independently though.

NB: The test failure is unrelated.

[philippjfr]

It would be good to figure out in what way the test is flawed. My suspicion is that the test correctly configures the proxy in a way that's a) not documented and b) isn't the case in your setup. What I suspect is making it work is this:

            {"handler": "rewrite", "strip_path_prefix": "/proxy"},

which strips the /proxy prefix when it forwards the request.

[TheoMathurin]

Indeed with this reverse proxy config, the issue cannot occur since the application is accessed at a path that corresponds to the application name (/proxy/app_name rewritten as /app_name).

The configuration could be modified to make the test more general. I will experiment and come up with a configuration proposal against which basic auth and OAuth modules should be tested.

Edit: it may not be straightforward, because ideally, the reverse proxy rule should know of the application name, whereas currently it is set up before it could be known based on the temporary file name.