From fc884c2350b866861cdcd3136f4b084ce4d9200c Mon Sep 17 00:00:00 2001
From: Khwezi Mngoma <khwezi@msn.com>
Date: Sun, 17 May 2026 11:06:05 +0200
Subject: [PATCH] Forcing https

---
 ShopAdmin/Program.cs | 26 ++++++++------------------
 1 file changed, 8 insertions(+), 18 deletions(-)

diff --git a/ShopAdmin/Program.cs b/ShopAdmin/Program.cs
index 4cf8172..fcd9856 100644
--- a/ShopAdmin/Program.cs
+++ b/ShopAdmin/Program.cs
@@ -65,25 +65,15 @@ builder.Services.AddAuthentication(options =>
         RoleClaimType = "groups"
     };
 
-    options.Events = new OpenIdConnectEvents
+    builder.Services.AddOptions<OpenIdConnectOptions>(OpenIdConnectDefaults.AuthenticationScheme).Configure(options =>
     {
-        OnRedirectToIdentityProviderForSignOut = async callbackContext =>
+        options.Events.OnRedirectToIdentityProvider = context =>
         {
-            var request = callbackContext.Request;
-            string currentBaseUrl = $"{request.Scheme}://{request.Host}{request.PathBase}/";
-
-            callbackContext.ProtocolMessage.PostLogoutRedirectUri = currentBaseUrl;
-
-            var idToken = await callbackContext.HttpContext.GetTokenAsync("id_token");
-
-            if (!string.IsNullOrEmpty(idToken)) callbackContext.ProtocolMessage.IdTokenHint = idToken;
-
-            if (callbackContext.ProtocolMessage.RedirectUri.StartsWith("http://"))
-            {
-                callbackContext.ProtocolMessage.RedirectUri = callbackContext.ProtocolMessage.RedirectUri.Replace("http://", "https://");
-            }
-        }
-    };
+            context.ProtocolMessage.RedirectUri = context.ProtocolMessage.RedirectUri.Replace("http://", "https://");
+            
+            return Task.CompletedTask;
+         };
+    });
 });
 
 builder.Services.Configure<ForwardedHeadersOptions>(options =>
@@ -128,7 +118,7 @@ app.MapGet("/auth/logout", async (HttpContext context) =>
 {
     await context.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
 
-    string currentBaseUrl = $"{context.Request.Scheme}://{context.Request.Host}{context.Request.PathBase}/";
+    string currentBaseUrl = $"https://{context.Request.Host}{context.Request.PathBase}/";
 
     await context.SignOutAsync(OpenIdConnectDefaults.AuthenticationScheme, new AuthenticationProperties
     {
-- 
2.47.3