Merge pull request 'Forced proto callback' (#13) from notifications into master

Reviewed-on: #13

ShopAdmin/Program.cs

@@ -1,6 +1,5 @@
 using LiteCharms.Features.Extensions;
 using LiteCharms.Features.Mediator;
-using Microsoft.AspNetCore.Authentication;
 using ShopAdmin.Components;
 using static LiteCharms.Features.Email.Extensions.Constants;
 
@@ -78,10 +77,21 @@ builder.Services.AddAuthentication(options =>
             var idToken = await callbackContext.HttpContext.GetTokenAsync("id_token");
 
             if (!string.IsNullOrEmpty(idToken)) callbackContext.ProtocolMessage.IdTokenHint = idToken;
+
+            if (callbackContext.ProtocolMessage.RedirectUri.StartsWith("http://"))
+            {
+                callbackContext.ProtocolMessage.RedirectUri = callbackContext.ProtocolMessage.RedirectUri.Replace("http://", "https://");
+            }
         }
     };
 });
 
+builder.Services.Configure<ForwardedHeadersOptions>(options =>
+{
+    options.ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;
+    options.KnownProxies.Clear();
+});
+
 var app = builder.Build();
 
 var schedulerFactory = app.Services.GetRequiredService<ISchedulerFactory>();
@@ -105,6 +115,7 @@ app.UseStatusCodePagesWithReExecute("/not-found", createScopeForStatusCodePages:
 
 app.UseHttpsRedirection();
 app.UseAntiforgery();
+app.UseForwardedHeaders();
 
 app.UseAuthentication();
 app.UseAuthorization();

ShopAdmin/ShopAdmin.csproj

@@ -57,6 +57,8 @@
 
   <!-- Shared Global Usings -->
   <ItemGroup>
+    <Using Include="Microsoft.AspNetCore.HttpOverrides" />
+    <Using Include="Microsoft.AspNetCore.Authentication" />
     <Using Include="Blazored.Toast" />
     <Using Include="Quartz" />
     <Using Include="Mediator" />