Skip to content

Fix OAuth Callbacks #734

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 6 commits into from
Jun 11, 2025
Merged

Fix OAuth Callbacks #734

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
b5e2775
test
BenjaminMichaelis Apr 14, 2025
c478ba9
try another thing
BenjaminMichaelis Apr 16, 2025
22fb508
update
BenjaminMichaelis Apr 16, 2025
eb5f577
teset
BenjaminMichaelis Apr 17, 2025
20db8fe
another test
BenjaminMichaelis Apr 17, 2025
e96833d
another test
BenjaminMichaelis Apr 17, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 3 additions & 1 deletion EssentialCSharp.Web/Controllers/HomeController.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,8 +9,10 @@ namespace EssentialCSharp.Web.Controllers;

public class HomeController(ILogger<HomeController> logger, IWebHostEnvironment hostingEnvironment, ISiteMappingService siteMappingService, IHttpContextAccessor httpContextAccessor) : Controller
{
public IActionResult Index(string key)
public IActionResult Index()
{
string? key = Request.Path.Value?.TrimStart('/');

// if no key (default case), then load up home page
SiteMapping? siteMapping = siteMappingService.SiteMappings.Find(key);

Expand Down
48 changes: 25 additions & 23 deletions EssentialCSharp.Web/Program.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,20 @@ public partial class Program
{
private static void Main(string[] args)
{
WebApplicationBuilder builder = WebApplication.CreateBuilder(args);
WebApplicationBuilder builder = WebApplication.CreateBuilder(args);

builder.Services.Configure<ForwardedHeadersOptions>(options =>
{
options.ForwardedHeaders =
ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;

// Only loopback proxies are allowed by default.
// Clear that restriction because forwarders are enabled by explicit
// configuration.
options.KnownNetworks.Clear();
options.KnownProxies.Clear();
});

ConfigurationManager configuration = builder.Configuration;
string connectionString = builder.Configuration.GetConnectionString("EssentialCSharpWebContextConnection") ?? throw new InvalidOperationException("Connection string 'EssentialCSharpWebContextConnection' not found.");

Expand Down Expand Up @@ -126,38 +139,35 @@ private static void Main(string[] args)
{
microsoftoptions.ClientId = configuration["authentication:microsoft:clientid"] ?? throw new InvalidOperationException("authentication:microsoft:clientid unexpectedly null");
microsoftoptions.ClientSecret = configuration["authentication:microsoft:clientsecret"] ?? throw new InvalidOperationException("authentication:microsoft:clientsecret unexpectedly null");
microsoftoptions.CallbackPath = "/signin-microsoft";
})
.AddGitHub(o =>
{
o.ClientId = configuration["authentication:github:clientId"] ?? throw new InvalidOperationException("github:clientId unexpectedly null");
o.ClientSecret = configuration["authentication:github:clientSecret"] ?? throw new InvalidOperationException("github:clientSecret unexpectedly null");
o.CallbackPath = "/signin-github";

// Grants access to read a user's profile data.
// https://docs.github.com/en/developers/apps/building-oauth-apps/scopes-for-oauth-apps
o.Scope.Add("read:user");
});
}

builder.Services.Configure<ForwardedHeadersOptions>(options =>
{
options.ForwardedHeaders =
ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;
});

WebApplication app = builder.Build();

app.UseForwardedHeaders();

WebApplication app = builder.Build();
// Configure the HTTP request pipeline.
if (!app.Environment.IsDevelopment())
{
app.UseExceptionHandler("/Error");
app.UseForwardedHeaders();
app.UseHsts();
app.UseSecurityHeadersMiddleware(new SecurityHeadersBuilder()
.AddDefaultSecurePolicy());
}
else
{
app.UseDeveloperExceptionPage();
app.UseForwardedHeaders();
}

app.MapHealthChecks("/healthz");

Expand All @@ -169,20 +179,12 @@ private static void Main(string[] args)
app.UseAuthentication();
app.UseAuthorization();
app.UseMiddleware<ReferralMiddleware>();

app.Use((context, next) =>
{
context.Request.Scheme = "https";
return next(context);
});

app.MapDefaultControllerRoute();
app.MapRazorPages();

app.MapControllerRoute(
name: "slug",
pattern: "{*key}",
defaults: new { controller = "Home", action = "Index" });
app.MapRazorPages();
app.MapDefaultControllerRoute();
app.MapFallbackToController("Index", "Home");

app.Run();
}
Expand Down