From 1366d3afcf4ab45a2d164dcfe62777cfd2013a43 Mon Sep 17 00:00:00 2001 From: Frederik Prijck Date: Tue, 13 Aug 2024 15:22:12 +0200 Subject: [PATCH 1/3] Add FAQ for reverse proxy --- FAQ.md | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 FAQ.md diff --git a/FAQ.md b/FAQ.md new file mode 100644 index 0000000..0d87766 --- /dev/null +++ b/FAQ.md @@ -0,0 +1,18 @@ +# Frequently Asked Questions +- [Reverse Proxy](#reverse-proxy) + +## Reverse Proxy + +It may happen that you are using our SDK with an application that is running behind a reverse proxy. If that is the case, and the Redirect Uri is not the one you'd expect (e.g. `http` instead of `https`, or an incorrect domain such as `localhost`, `127.0.0.1` or anything unexpected), you want to ensure both the reverse proxy and ASP.NET are configured correctly. + +Here are some helpful resources: +- https://learn.microsoft.com/en-us/aspnet/core/host-and-deploy/proxy-load-balancer?view=aspnetcore-8.0 +- https://learn.microsoft.com/en-us/aspnet/core/host-and-deploy/linux-nginx?view=aspnetcore-8.0&tabs=linux-ubuntu#configure-nginx + + Additiobnally, to help troubleshoot, you can have a look at what is going on: + +- `CallbackPath = "/callback"` is passed to our SDK (or omits it to use `/callback` as a default) +- Our SDK passes it down to the ASP.NET Framework as-is [here](https://github.com/auth0/auth0-aspnetcore-authentication/blob/main/src/Auth0.AspNetCore.Authentication/AuthenticationBuilderExtensions.cs#L93), and this is then passed to `BuildRedirectUri` inside the ASP.NET Framework [here](https://github.com/dotnet/aspnetcore/blob/main/src/Security/Authentication/OpenIdConnect/src/OpenIdConnectHandler.cs#L403) +- The `BuildRedirectUri` looks like [this](https://github.com/dotnet/aspnetcore/blob/main/src/Security/Authentication/Core/src/AuthenticationHandler.cs#L196-L197). + +What is going on is that the reverse proxy is misconfigured and `Request.Host` or `Request.Scheme` show incorerect values because the ForwardHeaders are not configured correctly. You can verify this by looking at the value of `Request.Host` and `Request.Scheme` in any of your own code. From 3a9db58bde15f5438b8b16fccbac658c7d98f674 Mon Sep 17 00:00:00 2001 From: Frederik Prijck Date: Tue, 13 Aug 2024 15:29:11 +0200 Subject: [PATCH 2/3] Update FAQ.md --- FAQ.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/FAQ.md b/FAQ.md index 0d87766..01bf96d 100644 --- a/FAQ.md +++ b/FAQ.md @@ -9,7 +9,7 @@ Here are some helpful resources: - https://learn.microsoft.com/en-us/aspnet/core/host-and-deploy/proxy-load-balancer?view=aspnetcore-8.0 - https://learn.microsoft.com/en-us/aspnet/core/host-and-deploy/linux-nginx?view=aspnetcore-8.0&tabs=linux-ubuntu#configure-nginx - Additiobnally, to help troubleshoot, you can have a look at what is going on: +Additionally, to help troubleshoot, you can have a look at what is going on: - `CallbackPath = "/callback"` is passed to our SDK (or omits it to use `/callback` as a default) - Our SDK passes it down to the ASP.NET Framework as-is [here](https://github.com/auth0/auth0-aspnetcore-authentication/blob/main/src/Auth0.AspNetCore.Authentication/AuthenticationBuilderExtensions.cs#L93), and this is then passed to `BuildRedirectUri` inside the ASP.NET Framework [here](https://github.com/dotnet/aspnetcore/blob/main/src/Security/Authentication/OpenIdConnect/src/OpenIdConnectHandler.cs#L403) From 331114fe5e9f3f6ccf4cc9ba7b41f2f18baa1713 Mon Sep 17 00:00:00 2001 From: Frederik Prijck Date: Tue, 13 Aug 2024 15:29:58 +0200 Subject: [PATCH 3/3] Update FAQ.md --- FAQ.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/FAQ.md b/FAQ.md index 01bf96d..a9fa22a 100644 --- a/FAQ.md +++ b/FAQ.md @@ -15,4 +15,4 @@ Additionally, to help troubleshoot, you can have a look at what is going on: - Our SDK passes it down to the ASP.NET Framework as-is [here](https://github.com/auth0/auth0-aspnetcore-authentication/blob/main/src/Auth0.AspNetCore.Authentication/AuthenticationBuilderExtensions.cs#L93), and this is then passed to `BuildRedirectUri` inside the ASP.NET Framework [here](https://github.com/dotnet/aspnetcore/blob/main/src/Security/Authentication/OpenIdConnect/src/OpenIdConnectHandler.cs#L403) - The `BuildRedirectUri` looks like [this](https://github.com/dotnet/aspnetcore/blob/main/src/Security/Authentication/Core/src/AuthenticationHandler.cs#L196-L197). -What is going on is that the reverse proxy is misconfigured and `Request.Host` or `Request.Scheme` show incorerect values because the ForwardHeaders are not configured correctly. You can verify this by looking at the value of `Request.Host` and `Request.Scheme` in any of your own code. +What is going on is that the reverse proxy is misconfigured and `Request.Host` or `Request.Scheme` show incorrect values because the ForwardHeaders are not configured correctly. You can verify this by looking at the value of `Request.Host` and `Request.Scheme` in any of your own code.