allow large tokens to pass through nginx (#1550)

* allow large tokens to pass through nginx

* improve comment

---------

Co-authored-by: burnettk <burnettk@users.noreply.github.com>

spiffworkflow-backend/bin/local_development_environment_setup

@@ -32,7 +32,7 @@ if [[ "$process_model_dir" == "acceptance" ]]; then
   export SPIFFWORKFLOW_BACKEND_LOAD_FIXTURE_DATA=true
   export SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME=acceptance_tests.yml
 elif [[ "$process_model_dir" == "localopenid" ]]; then
-  backend_base_url="$SPIFFWORKFLOW_BACKEND_URL"
+  backend_base_url="${SPIFFWORKFLOW_BACKEND_URL:-}"
   if [[ -z "$backend_base_url" ]]; then
     backend_base_url="http://localhost:$port"
   fi

spiffworkflow-frontend/docker_build/nginx.conf.template

@@ -1,7 +1,13 @@
 server {
-   listen {{SPIFFWORKFLOW_FRONTEND_INTERNAL_PORT}};
+    listen {{SPIFFWORKFLOW_FRONTEND_INTERNAL_PORT}};
     server_name localhost;
 
+    # The default is 4 8k, which isn't quite enough for all openid tokens
+    # nginx config docs: https://nginx.org/en/docs/http/ngx_http_core_module.html#large_client_header_buffers
+    # repro: curl -s "http://localhost:8001/?token=$(perl -e 'print "a"x8200')"
+    # previously returned nginx error in response body: 414 Request-URI Too Large
+    large_client_header_buffers 4 16k;
+
     location / {
         root /usr/share/nginx/html;
         try_files $uri $uri/ /index.html;