henalbrod / Blazor.Auth0

The library for using Auth0 in Blazor applications.
https://github.com/henalbrod/Blazor.Auth0
MIT License
110 stars 29 forks

Http (not) support in identity server URL in options. #3

Closed megafetis closed 5 years ago

megafetis commented 5 years ago
  1. Generated auth url is only for https://{domain}. Please add http.

  2. If possible, add support for a client secret string property in options. (additionally)

henalbrod commented 5 years ago

Hi, could you please elaborate or give some example of the potential use cases that would require these features? Thanks.

megafetis commented 5 years ago

Hello! In ClientOptions.cs:

public bool UseHttps { get; set; } = true;

In AuthenticationServiceBase.cs:

// in constructor
this._protocol = settings.UseHttps ? "https" : "http";

// when generating auth url
var url = $"{_protocol}://{clientSettings.Auth0Domain}/authorize?" + "...";

Use cases - my test identity server is working without https in test mode.

henalbrod commented 5 years ago

Hi,

I'm afraid the auth URL cannot be other than https (even if you call it via http it redirects to https).

You said your test identity server is http only; I would like to know how the https endpoint is affecting your implementation.

Regarding the client secret:

Currently, the component doesn't require it; even the core hosted example uses the intrinsic behavior of .Net authentication to verify the token signature.

If the client secret is something you require in your implementation, then I can recommend using .Net Secrets or including it via environment variables.
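
An added example, not part of the thread or of Blazor.Auth0's code: one way the `UseHttps` option proposed above could be guarded so that plain http is accepted only for a loopback test identity server, with https remaining the default. `AuthorizeUrlBuilder` and `Build` are hypothetical names, and the loopback-only rule is an assumption of this example.

```csharp
using System;

// Added example; AuthorizeUrlBuilder and Build are hypothetical names,
// not part of Blazor.Auth0.
public static class AuthorizeUrlBuilder
{
    // Builds the base /authorize URL. Plain http is accepted only when the
    // identity server host is a loopback address (a local test instance).
    public static Uri Build(string domain, bool useHttps = true)
    {
        if (string.IsNullOrWhiteSpace(domain))
            throw new ArgumentException("Domain is required.", nameof(domain));

        var scheme = useHttps ? Uri.UriSchemeHttps : Uri.UriSchemeHttp;

        // Parse scheme + domain together so a value such as "host/path" or
        // "user@host" is rejected instead of being spliced into the URL.
        if (!Uri.TryCreate($"{scheme}://{domain}", UriKind.Absolute, out var baseUri)
            || baseUri.AbsolutePath != "/"
            || !string.IsNullOrEmpty(baseUri.Query)
            || !string.IsNullOrEmpty(baseUri.Fragment)
            || !string.IsNullOrEmpty(baseUri.UserInfo))
        {
            throw new ArgumentException("Domain must be a bare host[:port].", nameof(domain));
        }

        // Downgrading to http off-loopback would expose the authorization
        // request and the returned code or tokens to the network path.
        if (!useHttps && !baseUri.IsLoopback)
            throw new InvalidOperationException(
                "http is only allowed for a loopback identity server.");

        return new Uri(baseUri, "/authorize");
    }
}

public static class Program
{
    public static void Main()
    {
        // Constructed sample values.
        Console.WriteLine(AuthorizeUrlBuilder.Build("example.auth0.com"));
        Console.WriteLine(AuthorizeUrlBuilder.Build("localhost:5000", useHttps: false));
        try { AuthorizeUrlBuilder.Build("idp.example.test", useHttps: false); }
        catch (InvalidOperationException e) { Console.WriteLine(e.Message); }
    }
}
```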

henalbrod commented 5 years ago

Closing this as no new comments were added