kevinchalet
commented
7 years ago Hey.
This scenario is best handled by creating a middleware that restores the "real" (read public) URL before the rest of the ASP.NET Core pipeline starts using it. You can take a look at https://github.com/aspnet/BasicMiddleware/blob/dev/src/Microsoft.AspNetCore.HttpOverrides/ForwardedHeadersMiddleware.cs to see how it can be implemented.
senj
Hello, I try to use the UseOpenIdConnectAuthentication Middleware behind a reverse proxy, so the public URL differs from the internal one. If I authenticate, I get a redirectUrl of my local IP address, not the external URL. After authenticating at the STS, the redirect is also to the internalUrl/signin-oidc with a 404. Instead of the internal IP, the MW should use the external URL.
Maybe I can replace the URL in OnRedirect?