I was working on a project where I had a .NET Blazor server app implementing authentication via Auth0 and being front ended by a nginx reverse proxy. The issu I was having was that the redirect_uri that Auth0 was http as opposed to the https that it should have been receiving. As you can imagine this was causing an issue with Auth0 not being able to display the login page.
The first step was to modify the nginx.conf to make sure we were sending the correct headers over to the Blazor app. I adjust the nginx configuration file to include the following headers to the web app.
proxy_pass http://[internal ip of blazor app]
proxy_set_header Host $http_host
proxy_set_header X-Real-IP $remote_addr
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for
proxy_set_header X-Forwarded-Proto $schemeAfer those changes I tested and while we were getting the correct url the scheme was still http not https.
There was one update that had to be done in the .NET code and that was to add the UseForrwardHeaders option like the following
app.UseForwardedHeaders( new ForwardedHeaderOptions {
ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto
});Once we did this the blazor app was able to read the correct headers and the Auth0 SDK was able to build the redirect uri with the correct scheme and display the login screen correctly.
I’m looking to post some articles on implementing OKTA,Auth0 and Keycloak into some blazor server apps.