I was recently working on a project that involved using the Forwarded and X-Forwarded-* headers in a multi-reverse proxy setup. I was having some trouble getting the OAuth2 redirect URL to work correctly, and I eventually realized that it was due to a confusion between the two headers.