2

I am trying to deploy a SAFE-stack application with AzureAD authentication to Azure inside docker. I got authentication to work when deploying with the build script that deploys directly to azure (dotnet fake run -t azure). But when I deploy the app in a docker container via GitHub actions, authentication does not work.

The issue is the redirect_uri in the request, which has http instead of https . I think the issue might be with the middleware, but I can’t seem to fix it. I seem to have the correct configurations that should be working (I also know the order matters, but I think it is the correct order as well).

This is my Server.fs:

let buildRemotingApi api next ctx = task {
    let handler =
        Remoting.createApi()
        |> Remoting.withRouteBuilder Route.builder
        |> Remoting.fromValue (api ctx)
        |> Remoting.buildHttpHandler
    return! handler next ctx }

let authScheme = "AzureAD"

let isDevelopment = Environment.GetEnvironmentVariable("ASPNETCORE_ENVIRONMENT") = Environments.Development

let requireLoggedIn : HttpFunc -> HttpContext -> HttpFuncResult =
    requiresAuthentication (RequestErrors.UNAUTHORIZED authScheme "My Application" "You must be logged in.")

let authChallenge : HttpFunc -> HttpContext -> HttpFuncResult =
    requiresAuthentication (Auth.challenge authScheme)

let apiRoutes =
    choose [
        subRoute "/api" (requireLoggedIn >=> buildRemotingApi Todos.Api)
        subRoute "/api" (requireLoggedIn >=> buildRemotingApi Investments.Api)
        subRoute "/api" (requireLoggedIn >=> buildRemotingApi Salary.Api)
    ]

let routes =
    choose [
        route "/" >=> authChallenge >=> htmlFile "public/app.html"
        apiRoutes
    ]

let configureServices (services : IServiceCollection) =
    let config = services.BuildServiceProvider().GetService<IConfiguration>()

    services
        .AddMicrosoftIdentityWebAppAuthentication(config, openIdConnectScheme = authScheme)
        |> ignore

    services

let configureApp (app : IApplicationBuilder) =
    app
        .UseForwardedHeaders()
        .UseHsts()
        .UseHttpsRedirection()
        .UseAuthentication()

let app =
    application {
        url "http://0.0.0.0:8085"
        service_config configureServices
        app_config configureApp
        use_router routes
        memory_cache
        use_static "public"
        use_gzip
    }

run app

I have also tried:

  • force_ssl in the app value. I have tried this after user_router and after app_config.
  • I have tried to change the url to https: url "https://0.0.0.0:8085" But the app crashed for these attempts.
Espen Brun
  • 103
  • 7

0 Answers0