diff --git a/docker-compose.yml b/docker-compose.yml index 8bb6df1c..d8dafec3 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -9,6 +9,9 @@ services: ASPNETCORE_ENVIRONMENT: Development Database__DefaultConnection: "Host=postgres;Port=5432;Database=simplemodule;Username=simplemodule;Password=${POSTGRES_PASSWORD:-simplemodule}" Database__Provider: PostgreSQL + # Set to your public URL so OpenIddict registers correct redirect URIs. + # Examples: https://app.simplemodule.dev, http://localhost:8080 + OpenIddict__BaseUrl: ${APP_BASE_URL:-http://localhost:8080} depends_on: postgres: condition: service_healthy diff --git a/framework/SimpleModule.Hosting/SimpleModuleHostExtensions.cs b/framework/SimpleModule.Hosting/SimpleModuleHostExtensions.cs index 56aeb393..b6eaa933 100644 --- a/framework/SimpleModule.Hosting/SimpleModuleHostExtensions.cs +++ b/framework/SimpleModule.Hosting/SimpleModuleHostExtensions.cs @@ -1,6 +1,7 @@ using Microsoft.AspNetCore.Builder; using Microsoft.AspNetCore.Diagnostics.HealthChecks; using Microsoft.AspNetCore.Http; +using Microsoft.AspNetCore.HttpOverrides; using Microsoft.AspNetCore.StaticFiles; using Microsoft.EntityFrameworkCore; using Microsoft.EntityFrameworkCore.Diagnostics; @@ -48,6 +49,15 @@ public static WebApplicationBuilder AddSimpleModuleInfrastructure( BridgeAspireConnectionString(builder.Configuration); options.DatabaseProvider = ValidateDatabaseConfiguration(builder.Configuration); + builder.Services.Configure(fhOptions => + { + fhOptions.ForwardedHeaders = + ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto; + // Allow any proxy in containerized/cloud environments + fhOptions.KnownIPNetworks.Clear(); + fhOptions.KnownProxies.Clear(); + }); + builder.Services.AddProblemDetails(); builder.Services.AddExceptionHandler(); 
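Review bot: Clearing `KnownIPNetworks` and `KnownProxies` in the `Configure` callback added to `AddSimpleModuleInfrastructure` makes the forwarded-headers middleware accept `X-Forwarded-For` and `X-Forwarded-Proto` from any peer. Any client that can reach the app without passing through the proxy then controls the remote IP and scheme the application sees, which undermines whatever is keyed on them (audit logs, IP-based rate limits, HTTPS-only checks). I would keep the framework's default trust list (loopback only, as far as I know) and add the real proxy addresses and networks from configuration, as sketched below. The configuration key names in the sketch are proposals, not existing settings. The enclosing method starts and ends outside the hunk.

```csharp
// … unchanged: fhOptions.ForwardedHeaders = XForwardedFor | XForwardedProto …

// Proposed keys (placeholders): ForwardedHeaders:KnownProxies, ForwardedHeaders:KnownNetworks.
// With neither key set, only the framework's default trust list applies.
var trustedProxies =
    builder.Configuration.GetSection("ForwardedHeaders:KnownProxies").Get<string[]>() ?? [];
var trustedNetworks =
    builder.Configuration.GetSection("ForwardedHeaders:KnownNetworks").Get<string[]>() ?? [];

foreach (var proxy in trustedProxies)
{
    fhOptions.KnownProxies.Add(System.Net.IPAddress.Parse(proxy));
}

foreach (var network in trustedNetworks)
{
    fhOptions.KnownIPNetworks.Add(System.Net.IPNetwork.Parse(network));
}
```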
@@ -129,6 +139,7 @@ public static async Task UseSimpleModuleInfrastructure(this WebApplication app) } } + app.UseForwardedHeaders(); app.UseExceptionHandler(); var options = app.Services.GetRequiredService(); diff --git a/modules/OpenIddict/src/SimpleModule.OpenIddict/Services/OpenIddictSeedService.cs b/modules/OpenIddict/src/SimpleModule.OpenIddict/Services/OpenIddictSeedService.cs index 77334626..b8b3eba2 100644 --- a/modules/OpenIddict/src/SimpleModule.OpenIddict/Services/OpenIddictSeedService.cs +++ b/modules/OpenIddict/src/SimpleModule.OpenIddict/Services/OpenIddictSeedService.cs @@ -38,16 +38,6 @@ CancellationToken cancellationToken { var manager = scope.ServiceProvider.GetRequiredService(); - if ( - await manager.FindByClientIdAsync(ClientConstants.ClientId, cancellationToken) - is not null - ) - { - return; - } - - LogSeedingClient(logger); - var baseUrl = configuration[ConfigKeys.OpenIddictBaseUrl] ?? ClientConstants.DefaultBaseUrl; var descriptor = new OpenIddictApplicationDescriptor @@ -97,6 +87,18 @@ is not null } } + var existing = await manager.FindByClientIdAsync( + ClientConstants.ClientId, + cancellationToken + ); + if (existing is not null) + { + LogUpdatingClient(logger); + await manager.UpdateAsync(existing, descriptor, cancellationToken); + return; + } + + LogSeedingClient(logger); await manager.CreateAsync(descriptor, cancellationToken); } @@ -106,6 +108,12 @@ is not null )] private static partial void LogSeedingClient(ILogger logger); + [LoggerMessage( + Level = LogLevel.Information, + Message = "Updating OpenIddict client application..." + )] + private static partial void LogUpdatingClient(ILogger logger); + [LoggerMessage( Level = LogLevel.Warning, Message = "OpenIddict seeding skipped due to error: {ErrorMessage}" diff --git a/template/SimpleModule.Host/appsettings.Production.json b/template/SimpleModule.Host/appsettings.Production.json index bacc57d2..96aa3626 100644 --- a/template/SimpleModule.Host/appsettings.Production.json 
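Review bot: The new `UpdateAsync(existing, descriptor, cancellationToken)` branch in `OpenIddictSeedService.cs` overwrites the stored client on every startup. The descriptor is built right after `configuration[ConfigKeys.OpenIddictBaseUrl] ?? ClientConstants.DefaultBaseUrl`, so a missing or mistyped base URL would presumably replace working redirect URIs, where the old early return left the client untouched. Before the update I would check the value, for example `if (!Uri.TryCreate(baseUrl, UriKind.Absolute, out _)) throw new InvalidOperationException("OpenIddict base URL is not an absolute URI");`. I would also put the value in the log line, e.g. `Message = "Updating OpenIddict client application for base URL {BaseUrl}..."`, so a redirect-URI change is visible in the logs. A comment on the branch should also say that redirect URIs or permissions added to the client outside this seeder are presumably dropped by the update; the method starts and ends outside the hunk.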
+++ b/template/SimpleModule.Host/appsettings.Production.json @@ -3,6 +3,9 @@ "DefaultConnection": "Data Source=/app/data/app.db", "Provider": "Sqlite" }, + "OpenIddict": { + "BaseUrl": "https://app.simplemodule.dev" + }, "Storage": { "Local": { "BasePath": "/app/storage"
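Review bot: Hard-coding `"BaseUrl": "https://app.simplemodule.dev"` in the Production settings means any deployment that does not override `OpenIddict:BaseUrl` will presumably register its client's redirect URIs under that host, which the deployer may not control. An OAuth client that accepts redirects to someone else's domain can have its authorization responses delivered there. If this file ships as a template default, I would drop the value and require `OpenIddict__BaseUrl` to be set per deployment, failing startup in Production when it is missing. JSON has no comment syntax, so the requirement belongs in the deployment documentation.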