Service Fabric asp.net core AAD

festivus 21 Reputation points
2020-08-18T20:49:19.873+00:00

I have an ASP.NET Core app set up using Kestrel. I'm using the Service Fabric reverse proxy to access it. I'm trying to use Azure Active Directory for authentication. However, whenever the app attempts to log in to AAD, the redirect URI is always the address of the node instance instead of the reverse proxy URL. How do I get the redirect URI to be the reverse proxy URL?

Azure Service Fabric
An Azure service that is used to develop microservices and orchestrate containers on Windows and Linux.
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.

Accepted answer
  1. Esben Bach 236 Reputation points
    2020-08-19T13:35:17.593+00:00

    I had the same issue once. I can provide you with some code that does the trick on my ASP.NET Core 2.2 app.

    If the code does not work, the key thing to google is "asp.net core authentication behind reverse proxy" (ignore any Service Fabric stuff).

    In your ConfigureServices method:

        services.AddAuthentication(AzureADDefaults.AuthenticationScheme)
            .AddAzureAD(options => Configuration.Bind("AzureAd", options));

        services.Configure<OpenIdConnectOptions>(AzureADDefaults.OpenIdScheme, options =>
        {
            // Use the v2.0 endpoint and validate the token issuer
            options.Authority = options.Authority + "/v2.0/";
            options.TokenValidationParameters.ValidateIssuer = true;
        });

        services.Configure<ForwardedHeadersOptions>(options =>
        {
            options.ForwardLimit = null;
            options.RequireHeaderSymmetry = false;
            // With both lists empty, forwarded headers are accepted from any caller
            options.KnownNetworks.Clear(); // This is not really that smart - we should probably add a list of known proxies/networks
            options.KnownProxies.Clear();
            options.ForwardedHeaders = ForwardedHeaders.XForwardedHost |
                ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;
        });

    And in your Configure method:

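        // Must run before the authentication middleware so the redirect URI
        // is built from the forwarded host and scheme
        app.UseForwardedHeaders();
        app.Use((context, next) =>
        {
            // SOMEENVIRONMENTVAR is a placeholder name; the value is parsed as a URI
            // and its path becomes the request PathBase
            var fabricServiceNinja = Environment.GetEnvironmentVariable("SOMEENVIRONMENTVAR");
            var fabricServiceUri = new Uri(fabricServiceNinja);
            var servicePathBase = fabricServiceUri.AbsolutePath;
            context.Request.PathBase = new PathString(servicePathBase);
            return next();
        });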
    
    1 person found this answer helpful.
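
The answer's own code comment notes that clearing `KnownNetworks` and `KnownProxies` is a shortcut: with both lists empty, any client that can reach the service directly can supply `X-Forwarded-Host` and shape the redirect URI. The following is an added example, not part of the answer or of any Microsoft sample, that restricts forwarded headers to the proxy's network and the published host name; `TrustedProxyForwarding`, the CIDR range and the host name are hypothetical, constructed values.

```csharp
using System;
using System.Collections.Generic;
using System.Net;
using System.Net.Sockets;
using Microsoft.AspNetCore.HttpOverrides;
using ProxyNetwork = Microsoft.AspNetCore.HttpOverrides.IPNetwork;

// Added example: hypothetical helper, not code from the answer above.
// Usage in ConfigureServices (constructed values):
//   services.Configure<ForwardedHeadersOptions>(o => TrustedProxyForwarding.Apply(
//       o, new[] { "10.0.0.0/24" }, new[] { "mycluster.example.com" }));
public static class TrustedProxyForwarding
{
    public static void Apply(ForwardedHeadersOptions options,
        IReadOnlyCollection<string> proxyCidrs, IReadOnlyCollection<string> publicHosts)
    {
        // The middleware skips the source check when both Known* lists are empty,
        // so refuse to start without at least one proxy network and one host.
        if (proxyCidrs.Count == 0 || publicHosts.Count == 0)
            throw new ArgumentException("Proxy networks and public hosts are required.");

        options.ForwardedHeaders = ForwardedHeaders.XForwardedHost |
            ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;
        options.ForwardLimit = 1;   // assumption: the reverse proxy is the only hop
        options.RequireHeaderSymmetry = false;

        options.KnownProxies.Clear();   // drop the loopback defaults
        options.KnownNetworks.Clear();
        foreach (var cidr in proxyCidrs)
            options.KnownNetworks.Add(ParseCidr(cidr));

        // An X-Forwarded-Host outside this list is not applied to the request.
        options.AllowedHosts.Clear();
        foreach (var host in publicHosts)
            options.AllowedHosts.Add(host);
    }

    private static ProxyNetwork ParseCidr(string cidr)
    {
        var parts = cidr.Split('/');
        if (parts.Length != 2 || !IPAddress.TryParse(parts[0], out var prefix) ||
            !int.TryParse(parts[1], out var length))
            throw new FormatException($"Not a CIDR network: '{cidr}'");
        var maxLength = prefix.AddressFamily == AddressFamily.InterNetwork ? 32 : 128;
        if (length < 0 || length > maxLength)
            throw new FormatException($"Bad prefix length in '{cidr}'");
        return new ProxyNetwork(prefix, length);
    }
}
```

The redirect URIs registered on the Azure AD app registration should list only the reverse proxy URL, so a request built from an unexpected host is rejected at sign-in as well.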
