从NGINX代理后面通过.NET Core连接到Azure B2C [英] Connecting to Azure B2C, with .NET Core from behind a NGINX Proxy
问题描述
几乎可以正常工作.差不多.
我的设置是我已经设置了Azure B2C租户,并且进行了一些修改示例代码.所有这些都可以在本地使用本地主机uri正常工作.
我的远程设置是Ubuntu 16.01服务器,其中Nginx 1.10.0 Web服务器充当.NET Core 1.0.4的反向代理,并且全部具有LetsEncrypt SSL证书.
代理可以很好地为.NET项目提供服务,但是当我点击登录时,它将带我使用错误的redirect_url转到B2C登录.
我希望该值反映设置文件"https.sub.host.suffix/signin-oidc"中的内容,而不是"http.sub.host.suffix,sub.host.suffix" /signin-oidc"
任何想法或建议表示赞赏!
如果NGINX正在卸载SSL/TLS,然后调用.NET Core应用,请检查是否有可能通过打开的HTTP(端口80)来完成此操作. >
您要么需要始终确保HTTPS,要么发信号通知HTTPS方案被触发(如果调用了HTTP端点).
.NET Core应用程序通过HTTP端点获取请求时,由它创建的每个URI都将保持相同的方案.因此,您需要在链接建立时强制使用https://.
希望有帮助!
Almost have this working. Almost.
My set up is that I have an Azure B2C Tenant set up, and some modified example code that I've changed to reflect the Tenant information. This all works fine locally, with a localhost uri.
My remote set up is a Ubuntu 16.01 server, with a Nginx 1.10.0 webserver acting as a reverse proxy to a .NET Core 1.0.4 and all with a LetsEncrypt SSL cert.
The proxy serves .NET projects fine, however when I hit the sign in it takes me over to the B2C login with an incorrect redirect_url.
I'd expect the value to reflect what is in the settings file, "https.sub.host.suffix/signin-oidc" instead I'm getting "http.sub.host.suffix,sub.host.suffix/signin-oidc"
Any ideas or suggestions appreciated!
If NGINX is offloading SSL/TLS and then calling the .NET Core app, check as most probably is doing it through open HTTP (port 80).
You either need to ensure HTTPS all-the-way, or signal an HTTPS scheme to get triggered if HTTP endpoint was called.
As the .NET Core App gets a request through an HTTP endpoint, every URI created by it will keep that same scheme. So, you'll need to force https:// at link building time.
Hope it helps!
这篇关于从NGINX代理后面通过.NET Core连接到Azure B2C的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
