I am using Keycloak 3.1.0 Final. I am checking the working of OpenID Connect in Keycloak, but got stuck in the middle.
Everything works fine when Keycloak and Spring Boot are running on localhost (meaning Spring Boot's auth-server-url = localhost:8080/auth, and the redirect URL etc. in Keycloak are also pointing to localhost*). Now I wanted to check by putting both of them behind a reverse proxy server (Nginx).
I am starting Keycloak in standalone mode using the command:

```sh
bin/standalone.sh -b=0.0.0.0
```
I have a simple Spring Boot application with an application.properties file something like this:

```properties
server.port = 8001
keycloak.auth-server-url=http://myserver.com/auth
keycloak.realm=myrealm
keycloak.resource=web-app
keycloak.ssl-required=none
keycloak.credentials.secret=aaaaa-bbb-cccc-dddd-eeeeeeee
keycloak.use-resource-role-mappings=true
```
In Keycloak I created a realm myrealm with a client called web-app.
I wanted to work with HTTP only (no HTTPS).
Most of the settings are default. The only things worth mentioning are:
- Require SSL in realm settings is set to None.
- Access type in the client is set to confidential.
- Client protocol is openid-connect.
- Redirect URI is http://myserver.com/myapp.
- Client authenticator is based on client ID and secret.
On the Nginx side I have a simple conf file.
Please note I am setting the Host header to $host/myapp; otherwise Keycloak was not able to redirect properly to myapp.

```nginx
server {
    listen 80;
    server_name myserver.com;

    # Spring Boot application
    location /myapp {
        proxy_set_header Host $host/myapp;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Server $host;
        proxy_set_header X-Forwarded-Port 80;
        proxy_set_header X-Forwarded-Proto http;
        proxy_pass http://localhost:8001/;
    }

    # Keycloak
    location /auth {
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-Server $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_pass http://localhost:8080;
    }
}
```
So far I am able to see the login page of Keycloak. I enter the user name and password. Then in the browser I see several redirects happening.
The Spring Boot logs say `No State cookie`.
I see the following network calls going on in a loop until the browser eventually stops.

```text
/auth/realms/myrealm/login-actions/authenticate?code=o2M-zFsbBdHYx1VTacW9JANrsLHM3S1DIF6Geg4mn3E.27593a49-58c6-4217-9c4c-da1e95c2b97c&execution=10865b14-0a24-4eee-b93c-df811d2ddb51
/myapp/sso/login?state=d61d9b7e-a872-443a-8718-2345f29905ad&code=oe8vgQf7URXcHvQtCw1HVJN5mCGEsBgfcVK9AaErKY4.27593a49-58c6-4217-9c4c-da1e95c2b97c
/myapp/sso/login
```

Can anyone please guide me on what I am missing?
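A check for the `No State cookie` loop described in the question, added here as an example and not part of the original post or of Keycloak: given the `Location` and `Set-Cookie` headers of the adapter's redirect to Keycloak, it verifies that the `redirect_uri` sent to Keycloak lies under the registered redirect URI and that the state cookie's `Path` actually covers the callback URL the browser will return to (if it does not, the browser never sends the cookie back and the adapter starts the login again). The cookie name and the sample headers are assumptions and constructed data, not values captured from the poster's setup.

```python
from http.cookies import SimpleCookie
from urllib.parse import urlsplit, parse_qs

# Assumed name of the state cookie set by the Keycloak adapters; check your adapter's logs.
STATE_COOKIE = "OAuth_Token_Request_State"

def parse_location(location):
    """Return (redirect_uri, state) from the adapter's redirect to the Keycloak auth endpoint."""
    qs = parse_qs(urlsplit(location).query)
    return qs.get("redirect_uri", [None])[0], qs.get("state", [None])[0]

def state_cookie(set_cookie):
    """Return (value, path) of the state cookie from a Set-Cookie header, or None if absent."""
    jar = SimpleCookie()
    jar.load(set_cookie)
    if STATE_COOKIE not in jar:
        return None
    morsel = jar[STATE_COOKIE]
    return morsel.value, (morsel["path"] or "/")

def check_round_trip(registered_redirect, location, set_cookie):
    """Return the reasons the state round trip would fail; an empty list means it should work."""
    problems = []
    redirect_uri, state = parse_location(location)
    # Prefix check, as Keycloak does for a registered URI ending in /*.
    if not redirect_uri or not redirect_uri.startswith(registered_redirect.rstrip("/")):
        problems.append(f"redirect_uri {redirect_uri!r} is not under registered {registered_redirect!r}")
    cookie = state_cookie(set_cookie)
    if cookie is None:
        problems.append(f"no {STATE_COOKIE} cookie set")
    else:
        value, path = cookie
        callback_path = urlsplit(redirect_uri or "").path
        if not callback_path.startswith(path):
            problems.append(f"cookie Path={path} does not cover callback {callback_path}")
        if value != state:
            problems.append("cookie value differs from the state parameter")
    return problems

# Constructed sample headers (not captured from the poster's setup).
OK_LOCATION = ("http://myserver.com/auth/realms/myrealm/protocol/openid-connect/auth"
               "?response_type=code&client_id=web-app&state=abc123"
               "&redirect_uri=http%3A%2F%2Fmyserver.com%2Fmyapp%2Fsso%2Flogin")
OK_COOKIE = "OAuth_Token_Request_State=abc123; Path=/myapp; HttpOnly"
# Cookie scoped below the /myapp prefix: the browser will not send it to /myapp/sso/login.
BAD_COOKIE = "OAuth_Token_Request_State=abc123; Path=/sso; HttpOnly"

if __name__ == "__main__":
    for hdr in (OK_COOKIE, BAD_COOKIE):
        print(check_round_trip("http://myserver.com/myapp", OK_LOCATION, hdr) or "ok")
```

Paste the real headers from the browser's network tab (the 302 from `/myapp/sso/login` that sends you to `/auth/realms/myrealm/...`) in place of the constructed ones to see which of the two conditions breaks in your setup.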