Asp.net core Incorrect redirect_url when use Facebook external login

Question

I am working in a project required Facebook login using asp.net core following to this tutorial.

Everything seem fine then I deploy it to my Ubuntu VPS. Since kestrel server is not a complete web server so I setup a Haproxy listens on https(443) which route to asp.net core app on port 1080(http). When I go to my website and click to Facebook login button I would get a error message form Facebook:

URL Blocked: This redirect failed because the redirect URI is not whitelisted in the app’s Client OAuth Settings. Make sure Client and Web OAuth Login are on and add all your app domains as Valid OAuth Redirect URIs.

I got this error message because the parameter redirect_uri is http:// instead of https which expected From facebook app configuration.

Any ideas how to fix it?

Answer 1

If you do not specify the type of request scheme, this could generate a call with https and another with http, facebook will take this as a different url.

You just need to add this

app.Use((context, next) =>
       {
        context.Request.Scheme = "https";
        return next();
       });

on your startup class (Startup.cs) under the "Configure" method.

Be sure to set this code before this.

app.UseFacebookAuthentication(fbOptions);

Answer 2

Ok. I figured it out. Firstly, we need to instal this package Microsoft.AspNetCore.HttpOverrides. Then put this piece of code in file Startup.cs

app.UseForwardedHeaders(new ForwardedHeadersOptions
        {
            ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto
        });
app.UseHttpMethodOverride();

before the line

app.UseFacebookAuthentication(...)

You can find more here.