Merge pull request 'Forcing https' (#14 ) from notifications into master

Reviewed-on: #14
Forcing https
2026-05-17 11:06:46 +02:00 · 2026-05-17 11:06:05 +02:00 · 2026-05-17 09:01:04 +02:00 · 2026-05-17 09:00:41 +02:00 · 2026-05-17 08:48:01 +02:00 · 2026-05-17 08:47:20 +02:00
2 changed files with 16 additions and 13 deletions
@@ -1,6 +1,5 @@
 using LiteCharms.Features.Extensions;
 using LiteCharms.Features.Mediator;
-using Microsoft.AspNetCore.Authentication;
 using ShopAdmin.Components;
 using static LiteCharms.Features.Email.Extensions.Constants;

@@ -66,20 +65,21 @@ builder.Services.AddAuthentication(options =>
        RoleClaimType = "groups"
    };

-    options.Events = new OpenIdConnectEvents
+    builder.Services.AddOptions<OpenIdConnectOptions>(OpenIdConnectDefaults.AuthenticationScheme).Configure(options =>
    {
-        OnRedirectToIdentityProviderForSignOut = async callbackContext =>
+        options.Events.OnRedirectToIdentityProvider = context =>
        {
-            var request = callbackContext.Request;
-            string currentBaseUrl = $"{request.Scheme}://{request.Host}{request.PathBase}/";
+            context.ProtocolMessage.RedirectUri = context.ProtocolMessage.RedirectUri.Replace("http://", "https://");
            
-            callbackContext.ProtocolMessage.PostLogoutRedirectUri = currentBaseUrl;
+            return Task.CompletedTask;
+         };
+    });
+});

-            var idToken = await callbackContext.HttpContext.GetTokenAsync("id_token");
-
-            if (!string.IsNullOrEmpty(idToken)) callbackContext.ProtocolMessage.IdTokenHint = idToken;
-        }
-    };
+builder.Services.Configure<ForwardedHeadersOptions>(options =>
+{
+    options.ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;
+    options.KnownProxies.Clear();
 });

 var app = builder.Build();
@@ -105,6 +105,7 @@ app.UseStatusCodePagesWithReExecute("/not-found", createScopeForStatusCodePages:

 app.UseHttpsRedirection();
 app.UseAntiforgery();
+app.UseForwardedHeaders();

 app.UseAuthentication();
 app.UseAuthorization();
@@ -117,7 +118,7 @@ app.MapGet("/auth/logout", async (HttpContext context) =>
 {
    await context.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);

-    string currentBaseUrl = $"{context.Request.Scheme}://{context.Request.Host}{context.Request.PathBase}/";
+    string currentBaseUrl = $"https://{context.Request.Host}{context.Request.PathBase}/";

    await context.SignOutAsync(OpenIdConnectDefaults.AuthenticationScheme, new AuthenticationProperties
    {
@@ -57,6 +57,8 @@

  <!-- Shared Global Usings -->
  <ItemGroup>
+    <Using Include="Microsoft.AspNetCore.HttpOverrides" />
+    <Using Include="Microsoft.AspNetCore.Authentication" />
    <Using Include="Blazored.Toast" />
    <Using Include="Quartz" />
    <Using Include="Mediator" />
Author	SHA1	Message	Date
khwezi	3e1b2eb48c	Merge pull request 'Forcing https' (#14 ) from notifications into master Reviewed-on: #14	2026-05-17 11:06:46 +02:00
Khwezi Mngoma	fc884c2350	Forcing https continuous-integration/drone/pr Build is passing Details	2026-05-17 11:06:05 +02:00
khwezi	2d833d3a90	Merge pull request 'Forced proto callback' (#13 ) from notifications into master Reviewed-on: #13	2026-05-17 09:01:04 +02:00
Khwezi Mngoma	c152018be8	Forced proto callback continuous-integration/drone/pr Build is passing Details	2026-05-17 09:00:41 +02:00
khwezi	aa7b3f3d68	Merge pull request 'Added support for header forwarding' (#12 ) from notifications into master Reviewed-on: #12	2026-05-17 08:48:01 +02:00
Khwezi Mngoma	c7f4aad99d	Added support for header forwarding continuous-integration/drone/pr Build is passing Details	2026-05-17 08:47:20 +02:00