Merge pull request 'Forcing https' (#14 ) from notifications into master

Reviewed-on: #14
Forcing https
2026-05-17 11:06:46 +02:00 · 2026-05-17 11:06:05 +02:00
1 changed files with 8 additions and 18 deletions
@@ -65,26 +65,16 @@ builder.Services.AddAuthentication(options =>
        RoleClaimType = "groups"
    };
-    options.Events = new OpenIdConnectEvents
+    builder.Services.AddOptions<OpenIdConnectOptions>(OpenIdConnectDefaults.AuthenticationScheme).Configure(options =>
    {
-        OnRedirectToIdentityProviderForSignOut = async callbackContext =>
+        options.Events.OnRedirectToIdentityProvider = context =>
        {
-            var request = callbackContext.Request;
+            context.ProtocolMessage.RedirectUri = context.ProtocolMessage.RedirectUri.Replace("http://", "https://");
            string currentBaseUrl = $"{request.Scheme}://{request.Host}{request.PathBase}/";
-            callbackContext.ProtocolMessage.PostLogoutRedirectUri = currentBaseUrl;
+            return Task.CompletedTask;
            var idToken = await callbackContext.HttpContext.GetTokenAsync("id_token");
            if (!string.IsNullOrEmpty(idToken)) callbackContext.ProtocolMessage.IdTokenHint = idToken;
            if (callbackContext.ProtocolMessage.RedirectUri.StartsWith("http://"))
            {
                callbackContext.ProtocolMessage.RedirectUri = callbackContext.ProtocolMessage.RedirectUri.Replace("http://", "https://");
            }
        }
         };
    });
 });
 builder.Services.Configure<ForwardedHeadersOptions>(options =>
 {
@@ -128,7 +118,7 @@ app.MapGet("/auth/logout", async (HttpContext context) =>
 {
    await context.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
-    string currentBaseUrl = $"{context.Request.Scheme}://{context.Request.Host}{context.Request.PathBase}/";
+    string currentBaseUrl = $"https://{context.Request.Host}{context.Request.PathBase}/";
    await context.SignOutAsync(OpenIdConnectDefaults.AuthenticationScheme, new AuthenticationProperties
    {
Author	SHA1	Message	Date
khwezi	3e1b2eb48c	Merge pull request 'Forcing https' (#14 ) from notifications into master Reviewed-on: #14	2026-05-17 11:06:46 +02:00
Khwezi Mngoma	fc884c2350	Forcing https continuous-integration/drone/pr Build is passing Details	2026-05-17 11:06:05 +02:00