Hello,
I managed to solve the problem by adding this code to auth server to run in https.
if (!env.IsDevelopment())
{
app.Use((ctx, next) =>
{
/* This application should act like it is always called as HTTPS.
* Because it will work in a HTTPS url in production,
* but the HTTPS is stripped out in Ingress controller.
*/
ctx.Request.Scheme = "https";
return next();
});
}
Also i change the health checks code in all services and apps to this.
settings.AddHealthCheckEndpoint("AuthServer Health Status", $"http://{Dns.GetHostName()}{healthCheckUrl}");
I have checked all the possible problems above and I can't fix it.
When I click on the login option from the Blazor UI, I noticed that the redirect URL is in http and it is forwarded to https.
Also the openid config json file is
{ "issuer": "https://auth.dreamlist.gr/", "authorization_endpoint": "http://auth.dreamlist.gr/connect/authorize", "token_endpoint": "http://auth.dreamlist.gr/connect/token", "introspection_endpoint": "http://auth.dreamlist.gr/connect/introspect", "end_session_endpoint": "http://auth.dreamlist.gr/connect/endsession", "revocation_endpoint": "http://auth.dreamlist.gr/connect/revocat", "userinfo_endpoint": "http://auth.dreamlist.gr/connect/userinfo", "device_authorization_endpoint": "http://auth.dreamlist.gr/device", "jwks_uri": "http://auth.dreamlist.gr/.well-known/jwks", "grant_types_supported": [ "authorization_code", "implicit", "password", "client_credentials", "refresh_token", "urn:ietf:params:oauth:grant-type:device_code", "LinkLogin", "Impersonation" ], "response_types_supported": [ "code", "code id_token", "code id_token token", "code token", "id_token", "id_token token", "token", "none" ], "response_modes_supported": [ "query", "form_post", "fragment" ], "scopes_supported": [ "openid", "offline_access", "email", "profile", "phone", "roles", "address", "AuthServer", "IdentityService", "AdministrationService", "CrmService", "SaasService", "AuditLoggingService", "GdprService", "FileManagementService", "LanguageService", "ChatService" ], "claims_supported": [ "aud", "exp", "iat", "iss", "sub" ], "id_token_signing_alg_values_supported": [ "RS256" ], "code_challenge_methods_supported": [ "plain", "S256" ], "subject_types_supported": [ "public" ], "prompt_values_supported": [ "consent", "login", "none", "select_account" ], "token_endpoint_auth_methods_supported": [ "client_secret_post", "private_key_jwt", "client_secret_basic" ], "introspection_endpoint_auth_methods_supported": [ "client_secret_post", "private_key_jwt", "client_secret_basic" ], "revocation_endpoint_auth_methods_supported": [ "client_secret_post", "private_key_jwt", "client_secret_basic" ], "device_authorization_endpoint_auth_methods_supported": [ "client_secret_post", "private_key_jwt", "client_secret_basic" ], "claims_parameter_supported": false, "request_parameter_supported": false, "request_uri_parameter_supported": false, "tls_client_certificate_bound_access_tokens": false, "authorization_response_iss_parameter_supported": true }
I have checked all the appsettings and everything is in https. I've searched for the problem and it seems like everything is set up correctly on https. I don't know what else to look for to find what's wrong.
