我正在尝试将具有 AzureAD 身份验证的 SAFE-stack 应用程序部署到 docker 内的 Azure。dotnet fake run -t azure使用直接部署到 azure ( )的构建脚本进行部署时,我得到了身份验证。但是当我通过 GitHub 操作将应用程序部署到 docker 容器中时,身份验证不起作用。
问题出redirect_uri在请求中,而http不是https
. 我认为问题可能出在中间件上,但我似乎无法修复它。我似乎有应该工作的正确配置(我也知道顺序很重要,但我认为它也是正确的顺序)。
这是我的 Server.fs:
let buildRemotingApi api next ctx = task {
let handler =
Remoting.createApi()
|> Remoting.withRouteBuilder Route.builder
|> Remoting.fromValue (api ctx)
|> Remoting.buildHttpHandler
return! handler next ctx }
let authScheme = "AzureAD"
let isDevelopment = Environment.GetEnvironmentVariable("ASPNETCORE_ENVIRONMENT") = Environments.Development
let requireLoggedIn : HttpFunc -> HttpContext -> HttpFuncResult =
requiresAuthentication (RequestErrors.UNAUTHORIZED authScheme "My Application" "You must be logged in.")
let authChallenge : HttpFunc -> HttpContext -> HttpFuncResult =
requiresAuthentication (Auth.challenge authScheme)
let apiRoutes =
choose [
subRoute "/api" (requireLoggedIn >=> buildRemotingApi Todos.Api)
subRoute "/api" (requireLoggedIn >=> buildRemotingApi Investments.Api)
subRoute "/api" (requireLoggedIn >=> buildRemotingApi Salary.Api)
]
let routes =
choose [
route "/" >=> authChallenge >=> htmlFile "public/app.html"
apiRoutes
]
let configureServices (services : IServiceCollection) =
let config = services.BuildServiceProvider().GetService<IConfiguration>()
services
.AddMicrosoftIdentityWebAppAuthentication(config, openIdConnectScheme = authScheme)
|> ignore
services
let configureApp (app : IApplicationBuilder) =
app
.UseForwardedHeaders()
.UseHsts()
.UseHttpsRedirection()
.UseAuthentication()
let app =
application {
url "http://0.0.0.0:8085"
service_config configureServices
app_config configureApp
use_router routes
memory_cache
use_static "public"
use_gzip
}
run app
我也试过:
force_ssl在app价值。我已经尝试过user_router了app_config。- 我试图将 url 更改为 https:
url "https://0.0.0.0:8085"但应用程序因这些尝试而崩溃。