ASP.Net Identity Login Redirect Enforce Protocol (Https) Part 2 (.Net 6++)
Prior reference (.Net Framework/ASP.Net MVC): ASP.Net Identity Login Redirect Enforce Protocol (Https)
It seems this is still an "issue" in .Net 6+. There are cases where the return url constructed by the infrastructure results in an http scheme/protocol instead of https for oauth/external logins (Google, etc). This obviously fails because it must be https.
While I haven't gone deep into things, because I haven't found the source code for it (yet?), it's likely the same "issue" - at the app level, it doesn't "see" a https request (because SSL is offloaded somewhere) and therefore the url created "matches" the scheme/protocol, resulting in an http redirect url.
End of day, whatever hosting infrastrucutre/configuration my host has is in place is beyond my control. Therefore, the ultimate goal is to force https (hard code, skip/override whatever scheme/protocol check/eval in place).
There's nothing special in my setup and it's working fine in local/dev (https) testing. It's only when the application is finally hosted (production):
In startup program.cs this is the only related code I have for external login (along with the scaffolding/templates of the identity package):
builder.Services.AddDefaultIdentity<ApplicationUser>(options => options.SignIn.RequireConfirmedAccount = true)
.AddEntityFrameworkStores<my_db_context>();
builder.Services.AddAuthentication().AddGoogle(goog =>
{
goog.ClientId = builder.Configuration["GoogleAuthClientId"];
goog.ClientSecret = builder.Configuration["GoogleAuthClientSecret"];
});
The issue:
- the origin is
https - the redirect uri sent to Google Auth is
http- this will always fail
Can anyone point me to relevant docs/source on how to add/override options in .Net 6 and above? (similar to prior implementations in .Net Framework/MVC)?
The answer is in the comment by @Tratcher:
Official Ref: Configure ASP.NET Core to work with proxy servers and load balancers
Essentially: ForwardedHeadersMiddleware
For my specific case:
In some cases, it might not be possible to add forwarded headers to the requests proxied to the app. If the proxy is enforcing that all public external requests are HTTPS, the scheme can be manually set before using any type of middleware:
... app.Use((context, next) => { context.Request.Scheme = "https"; return next(context); }); ...
- Redis cache in .NET 8 is not taking effect?
- Use React Authentication with .NET backend?
- List users with roles in a razor page using asp.net 6.0 Identity
- Correct handling of formless AJAX POST and AntiForgery in C# Razor Pages
- how to load partial view in ajax in asp.net core
- Entity Framework Core multiple connection strings on same DBContext?
- error A value of type 'int' cannot be used as a default parameter because there are no standard conversions to type
- What is this string inside Blazor components HTML tag
- Blazor Server: Breadcrumb change using JavaScript persists across pages
- .net blazor new debug profile lacks .css .js why?
- How to get results from a Postgresql function using EF Core?
- ASP Net identity two factor authentication last expired token is getting validated successfully
- Why string property must be declared as nullable string in Entity Framework Core when corresponding database table column is nullable
- HTTP Error 500.30 - ASP.NET Core app failed to start(abp-commercial)
- How to Configure Swagger to Display Different Model Classes Based on Content Type in .NET API
- How to register multiple implementations of the same interface with different dependencies
- How to remove UserName field from asp.net core 3 Identity
- Difference between BadRequestResult and BadRequestObjectResult
- Where do custom metrics I did not set come from
- How to force Visual Studio to re-create the SSL certificate for a .NET Core Web Application running Kestrel?
- How to map a user attribute to a standard OIDC claim in keycloak
- How to mock service injected by HttpContext.RequestServices.GetService<> in derived controller?
- ASP. NET Core 8: Error HTTP 500 and returnurl=%2F in the URL
- Asp Core, How to use PagingList<T>.CreateAsync() with a viewModel?
- Why is Application Insights showing no events
- ASP.NET Core - error 404.15 after adding authorization services
- Why am I getting this Content Policy error?
- SignalR hub connection StateChanged not working client
- Why is this API considered having ambiguous method/path combination when the names and routes are different?
- How to use "TypedHttpClientFactory" with "AddHttpMessageHandler"?