Vault OIDC login not working with redirects #18095

Closed
mr-karan opened this issue Nov 23, 2022 · 1 comment

mr-karan commented Nov 23, 2022

Describe the bug
A clear and concise description of what the bug is.

This command used to work before v1.21.1 was released:

vault login -no-print -method=oidc role=dev

Going through the release notes, I think this is related to this change #17352

To Reproduce

I have the following URLs for GitLab OIDC's Redirect URI:

https://vault.org.told/ui/vault/auth/oidc/oidc/callback
http://localhost:8250/oidc/callback

On using vault login, I get the following error:

export VAULT_ADDR="https://vault.org.tld"
vault login -no-print -method=oidc role=dev
Error authenticating: redirect would cause protocol downgrade

I tried cURLing to the endpoint and I can see the response from upstream is HTTP 307 as it redirects to /ui which is the default behaviour. So, I don't think I can set export VAULT_DISABLE_REDIRECTS=true as that is undesirable.

Expected behavior

Is there a way for the redirect to happen and the protocol be downgraded? As this was working fine before and is a sudden breaking change in 1.21, I am hoping for a fix!

@mr-karan
Author

Ah, somehow the Vault instances were using old peers in my cluster config and that was resulting in this error. I checked Vault logs and found this issue.

Can be closed, although this error message was weird and led me into believing something client side has changed.
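
As an added example for readers debugging the same message (not code from this issue or from Vault's source): a small Go check that resolves each recorded `Location` header against the URL that was requested and reports the first hop that leaves https. The function names and the hostnames in `main` are assumptions made up for the illustration.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
)

// ErrDowngrade reuses the message quoted in the report; the check is illustrative.
var ErrDowngrade = errors.New("redirect would cause protocol downgrade")

// NextHop resolves a Location header against the requested URL and refuses
// to move from https to any other scheme.
func NextHop(requested, location string) (*url.URL, error) {
	from, err := url.Parse(requested)
	if err != nil {
		return nil, fmt.Errorf("bad request URL: %w", err)
	}
	ref, err := url.Parse(location)
	if err != nil || location == "" {
		return nil, fmt.Errorf("unusable Location header %q", location)
	}
	to := from.ResolveReference(ref) // relative targets such as /ui/ keep the scheme
	if from.Scheme == "https" && to.Scheme != "https" {
		return nil, fmt.Errorf("%w: %s -> %s", ErrDowngrade, from, to)
	}
	return to, nil
}

// FirstDowngrade walks a recorded chain of Location headers and returns the
// index of the first hop that downgrades, or -1 if none does.
func FirstDowngrade(start string, locations []string) (int, error) {
	cur := start
	for i, loc := range locations {
		next, err := NextHop(cur, loc)
		if errors.Is(err, ErrDowngrade) {
			return i, nil
		}
		if err != nil {
			return -1, err
		}
		cur = next.String()
	}
	return -1, nil
}

func main() {
	// Constructed chain; hostnames are placeholders, not from a real deployment.
	fmt.Println(FirstDowngrade("https://vault.example/", []string{"/ui/", "http://peer.example:8200/v1/sys/health"}))
}
```

Feeding it the `Location` values seen while following the redirects by hand shows which server in the chain hands out the plain-http address.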
