Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Feature Request] ForceHttpsRedirectUris option to elegantly enable container deployments #175

Closed
jmprieur opened this issue May 26, 2020 · 2 comments
Closed

[Feature Request] ForceHttpsRedirectUris option to elegantly enable container deployments #175

jmprieur opened this issue May 26, 2020 · 2 comments
Assignees
@pmaytak
Labels
enhancement New feature or request fixed scenario: azure
Milestone
0.1.5-preview

Comments

@jmprieur
Copy link
Collaborator

Initially raised by @krispenner in #115 (comment)

Is your feature request related to a problem? Please describe.
For many people who only want to ensure https is used (instead of http) like myself as I'm running in a Docker container hosted in Azure App Service. I think a simpler option such as ForceHttpsRedirectUris = true in the configuration/options would be simpler. It would remove the need to specify the full absolute URI just to ensure https is used allowing the computed redirect URI to stay and just upgrade it to https. I'm concerned with managing the absolute URIs across configuration files and environments - relative paths as so much friendlier.

Describe the solution you'd like
Here is what I've currently done which solved my issue of http being used when in a Docker container:

services.Configure(OpenIdConnectDefaults.AuthenticationScheme,
options => {
var redirectToIdpHandler = options.Events.OnRedirectToIdentityProvider;
options.Events.OnRedirectToIdentityProvider = async context =>
{
// Call what Microsoft.Identity.Web is doing
await redirectToIdpHandler(context);

        // Override the redirect URI to be what you want
        if (context.ProtocolMessage?.RedirectUri?.StartsWith("http://") ?? false)
        {
            context.ProtocolMessage.RedirectUri = context.ProtocolMessage.RedirectUri.Replace("http://", "https://");
        }
    };

    var redirectToIdpForSignOutHandler = options.Events.OnRedirectToIdentityProviderForSignOut;
    options.Events.OnRedirectToIdentityProviderForSignOut = async context =>
    {
        // Call what Microsoft.Identity.Web is doing
        await redirectToIdpForSignOutHandler(context);

        // Override the redirect URI to be what you want
        if (context.ProtocolMessage?.PostLogoutRedirectUri?.StartsWith("http://") ?? false)
        {
            context.ProtocolMessage.PostLogoutRedirectUri = context.ProtocolMessage.PostLogoutRedirectUri.Replace("http://", "https://");
        }
    };
});

Describe alternatives you've considered
Customers are not blocked as they can set the RedirectUri and PostLogoutRedirectUri

Additional context
This is a nice to have that would avoid devs maitaining multiple appsettings.json, in particular when there are several deployment slots ...
@jmprieur jmprieur added the enhancement New feature or request label May 26, 2020
@jmprieur jmprieur changed the title [Feature Request] [Feature Request] ForceHttpsRedirectUris option to elegantly enable container deployments May 26, 2020
@jmprieur jmprieur added this to the 0.1.6-preview milestone Jun 2, 2020
@pmaytak pmaytak self-assigned this Jun 5, 2020
@pmaytak pmaytak modified the milestones: 0.1.6-preview, 0.1.5-preview Jun 5, 2020
@jmprieur jmprieur mentioned this issue Jun 10, 2020
Closed
7 tasks
This was referenced Jun 11, 2020
Closed
Merged
@pmaytak pmaytak added fixed and removed In progress labels Jun 12, 2020
@pmaytak
Copy link
Contributor

pmaytak commented Jun 16, 2020

Included in Microsoft Identity Web 0.1.5-preview release.

cc: @mochr @BurritoSmith @krispenner @AAGhotkar @goshmiller @graemeWT

@pmaytak pmaytak closed this as completed Jun 16, 2020
@krispenner
Copy link

Thanks, works great!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@pmaytak pmaytak

Labels
enhancement New feature or request fixed scenario: azure
Projects
None yet
Milestone
0.1.5-preview
Development

No branches or pull requests
3 participants
@krispenner @jmprieur @pmaytak