fix: prefer forwarded swagger base url

Author: gabedalmolin

src/docs/swagger.ts

@@ -12,16 +12,32 @@ type SwaggerRequestLike = {
   get(name: string): string | undefined;
 };
 
+const getForwardedHeaderValue = (
+  request: SwaggerRequestLike,
+  name: string,
+): string | undefined => {
+  const value = request.get(name)?.trim();
+
+  if (!value) {
+    return undefined;
+  }
+
+  return value.split(",")[0]?.trim() || undefined;
+};
+
 export const resolveSwaggerBaseUrl = (
   request: SwaggerRequestLike,
 ): string => {
-  const host = request.get("host");
+  const protocol =
+    getForwardedHeaderValue(request, "x-forwarded-proto") ?? request.protocol;
+  const host =
+    getForwardedHeaderValue(request, "x-forwarded-host") ?? request.get("host");
 
   if (!host) {
     return LOCAL_SWAGGER_SERVER.url;
   }
 
-  return `${request.protocol}://${host}`;
+  return `${protocol}://${host}`;
 };
 
 export const buildSwaggerSpec = (baseUrl: string = LOCAL_SWAGGER_SERVER.url) => {

tests/contracts/swagger.test.ts

@@ -43,6 +43,29 @@ describe("swagger spec", () => {
     expect(baseUrl).toBe("https://auth-api-production-a97b.up.railway.app");
   });
 
+  it("prefers forwarded host and proto when present", () => {
+    const baseUrl = resolveSwaggerBaseUrl({
+      protocol: "http",
+      get(header: string) {
+        if (header === "x-forwarded-proto") {
+          return "https, http";
+        }
+
+        if (header === "x-forwarded-host") {
+          return "auth-api-production-a97b.up.railway.app, internal.railway";
+        }
+
+        if (header === "host") {
+          return "internal.railway";
+        }
+
+        return undefined;
+      },
+    });
+
+    expect(baseUrl).toBe("https://auth-api-production-a97b.up.railway.app");
+  });
+
   it("falls back to the local server when the host header is unavailable", () => {
     const baseUrl = resolveSwaggerBaseUrl({
       protocol: "https",