Open Closed

SSL Offloading - OpenIddict: "This server only accepts HTTPS requests." #5379


User avatar
1
dan@dancaron.com created
  • ABP Framework version: v7.3.0-rc.1
  • UI type: MVC
  • DB provider: EF Core / Azure SQL Database
  • Tiered (MVC) or Identity Server Separated (Angular): yes
  • Exception message and stack trace:
  • 2023-07-08 21:40:47.915 +00:00 [INF] Request starting HTTP/1.1 GET http://auth-staging.mysite.com/.well-known/openid-configuration - - 2023-07-08 21:40:47.916 +00:00 [DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessRequestContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+ResolveRequestUri. 2023-07-08 21:40:47.916 +00:00 [DBG] The event OpenIddict.Server.OpenIddictServerEvents+ProcessRequestContext was successfully processed by OpenIddict.Server.AspNetCore.OpenIddictServerAspNetCoreHandlers+ResolveRequestUri. 2023-07-08 21:40:47.916 +00:00 [INF] The request URI matched a server endpoint: "Configuration". 2023-07-08 21:40:47.916 +00:00 [DBG] The event OpenIddict.Server.OpenIddictServerEvents+ProcessRequestContext was successfully processed by OpenIddict.Server.OpenIddictServerHandlers+InferEndpointType. 2023-07-08 21:40:47.916 +00:00 [DBG] The event OpenIddict.Server.OpenIddictServerEvents+ProcessRequestContext was successfully processed by Volo.Abp.Account.Web.Pages.Account.OpenIddictImpersonateInferEndpointType. 2023-07-08 21:40:47.916 +00:00 [DBG] The event OpenIddict.Server.OpenIddictServerEvents+ProcessRequestContext was successfully processed by OpenIddict.Server.AspNetCore.OpenIddictServerAspNetCoreHandlers+ValidateTransportSecurityRequirement. 2023-07-08 21:40:47.916 +00:00 [DBG] The event OpenIddict.Server.OpenIddictServerEvents+ProcessRequestContext was marked as rejected by OpenIddict.Server.AspNetCore.OpenIddictServerAspNetCoreHandlers+ValidateTransportSecurityRequirement. 2023-07-08 21:40:47.916 +00:00 [DBG] The event OpenIddict.Server.OpenIddictServerEvents+ProcessErrorContext was successfully processed by OpenIddict.Server.OpenIddictServerHandlers+AttachErrorParameters. 2023-07-08 21:40:47.916 +00:00 [DBG] The event OpenIddict.Server.OpenIddictServerEvents+ProcessErrorContext was successfully processed by OpenIddict.Server.OpenIddictServerHandlers+AttachCustomErrorParameters. 2023-07-08 21:40:47.916 +00:00 [DBG] The event OpenIddict.Server.OpenIddictServerEvents+ApplyConfigurationResponseContext was successfully processed by OpenIddict.Server.AspNetCore.OpenIddictServerAspNetCoreHandlers+AttachHttpResponseCode1[[OpenIddict.Server.OpenIddictServerEvents+ApplyConfigurationResponseContext, OpenIddict.Server, Version=4.4.0.0, Culture=neutral, PublicKeyToken=35a561290d20de2f]]. 2023-07-08 21:40:47.916 +00:00 [DBG] The event OpenIddict.Server.OpenIddictServerEvents+ApplyConfigurationResponseContext was successfully processed by OpenIddict.Server.AspNetCore.OpenIddictServerAspNetCoreHandlers+AttachWwwAuthenticateHeader1[[OpenIddict.Server.OpenIddictServerEvents+ApplyConfigurationResponseContext, OpenIddict.Server, Version=4.4.0.0, Culture=neutral, PublicKeyToken=35a561290d20de2f]]. 2023-07-08 21:40:47.916 +00:00 [INF] The response was successfully returned as a JSON document: { "error": "invalid_request", "error_description": "This server only accepts HTTPS requests.", "error_uri": "https://documentation.openiddict.com/errors/ID2083" }.
  • Steps to reproduce the issue:
  • Site is deployed in Azure with Application Gateway handling HTTPS on front end (SSL offloading) and HTTP on back end.
  • 3 Tiers - Auth, API, and Web - all running in Azure App Service Plan - as separate web apps
  • AuthServer:RequireHttpsMetadata is set to false
  • The SSL offloading is working on all 3 tiers, except it fails with above exception when I try to login

No answer yet!
Made with ❤️ on ABP v9.1.0-preview. Updated on December 10, 2024, 06:38