How to force an HTTPS callback using Microsoft.AspNetCore.Authentication.Google?


I finally figured it out.

Step 1: Make sure Nginx is sending the necessary forwarding headers, for example:

    server {
        # other stuff ...
        location / {
            # other stuff ...
            proxy_set_header X-Forwarded-Proto $scheme;
            # you could also just hardcode this to https if you only accept https
        }
    }

Step 2: By default, AspNetCore will ignore these headers. Install the middleware that processes them:

PM> Install-Package Microsoft.AspNetCore.HttpOverrides

Step 3: In your Configure function, apply the middleware.

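    // Requires: using Microsoft.AspNetCore.HttpOverrides;
    // Call this before the authentication middleware is registered.
    app.UseForwardedHeaders(new ForwardedHeadersOptions
    {
        ForwardedHeaders = ForwardedHeaders.XForwardedProto
    });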

This should correctly change the Context.Request.Scheme value to https, which will cause the authentication middleware to generate the correct redirect_uri.
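
The sketch below is an added example, not code from the original answer. It limits which sender's `X-Forwarded-Proto` is honoured and logs when the header was not applied, which is the usual reason `redirect_uri` still comes out as `http`. The proxy address `192.0.2.10` and the logger category name are constructed placeholders.

```csharp
using System.Net;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.HttpOverrides;
using Microsoft.Extensions.Logging;

public class Startup
{
    public void Configure(IApplicationBuilder app, ILoggerFactory loggerFactory)
    {
        // Hypothetical category name, used only for this diagnostic.
        var logger = loggerFactory.CreateLogger("ForwardedProtoCheck");

        var options = new ForwardedHeadersOptions
        {
            ForwardedHeaders = ForwardedHeaders.XForwardedProto,
            ForwardLimit = 1 // honour only the value added by the nearest proxy
        };

        // By default only loopback senders are trusted. Assumption: Nginx runs on
        // a separate host at 192.0.2.10 (constructed placeholder), so list exactly
        // that proxy. If Nginx is on the same machine, the defaults are enough.
        options.KnownProxies.Add(IPAddress.Parse("192.0.2.10"));

        // Do not clear KnownProxies and KnownNetworks to "make it work": with both
        // lists empty, any client that can reach the app directly can set the
        // scheme the app believes it was called with.
        app.UseForwardedHeaders(options);

        // Diagnostic: the middleware removes X-Forwarded-Proto once it has applied
        // it. If the header is still present here, the sender was not a trusted
        // proxy and Request.Scheme was left unchanged.
        app.Use(async (context, next) =>
        {
            if (context.Request.Headers.ContainsKey("X-Forwarded-Proto"))
            {
                logger.LogWarning(
                    "X-Forwarded-Proto from {RemoteIp} was not applied; scheme is {Scheme}",
                    context.Connection.RemoteIpAddress,
                    context.Request.Scheme);
            }
            await next();
        });

        // Register the Google authentication middleware after this point so it
        // builds redirect_uri from the corrected Request.Scheme.
    }
}
```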