From b7f07c36b9254f36a94a6a0da5de9ceb75f3acfd Mon Sep 17 00:00:00 2001
From: Simon Maddocks <git@51m0n.com>
Date: Sun, 3 Oct 2021 02:55:25 +0100
Subject: [PATCH] More attempting to read forward headers

---
 ManagementPage/ManagementPage/Program.cs | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/ManagementPage/ManagementPage/Program.cs b/ManagementPage/ManagementPage/Program.cs
index b77c6ba..1a9299e 100644
--- a/ManagementPage/ManagementPage/Program.cs
+++ b/ManagementPage/ManagementPage/Program.cs
@@ -8,6 +8,12 @@ using Microsoft.Extensions.Configuration;
 var builder = WebApplication.CreateBuilder(args);
 var Configuration = builder.Configuration;
 
+builder.Services.Configure<ForwardedHeadersOptions>(options =>
+{
+    options.ForwardedHeaders =
+        ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;
+});
+
 // Add services to the container.
 builder.Services.AddRazorPages();
 builder.Services.AddControllers();
@@ -24,7 +30,6 @@ builder.Services.AddAuthentication(options => {
                 options.ClientSecret = Configuration["oidc:clientsecret"];
                 options.Authority = @"https://auth.jacknet.io/auth/realms/JackNet";
                 //options.Authority = String.Format("https://{0}.onelogin.com/oidc/2", Configuration["oidc:region"]);
-
                 options.ResponseType = "code";
                 options.GetClaimsFromUserInfoEndpoint = true;
             }
@@ -36,10 +41,10 @@ var app = builder.Build();
 if (!app.Environment.IsDevelopment())
 {
     app.UseExceptionHandler("/Error");
+    app.UseForwardedHeaders();
+
     // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
     app.UseHsts();
-
-    app.UseForwardedHeaders();
 }
 
 app.UseStaticFiles();