custom openid connect -> https -> http -> 500

[cforce]

trafficstars

I configured a custom openId connect Authorizer which correctly redirect sto the ID provider login, authenticating the user and redirecting back to the configured https://app-backend-XXXX.azurewebsites.net/.auth/login/mycustomopneidconnectsso/callback, where the redirect uri's inside azure is set to http:// and finally leads to an 500 on the web application.

Core.Hosting.Diagnostics: Request starting HTTP/1.1 GET http://app-backend-XXXX.azurewebsites.net/.auth/login/mycustomopneidconnectsso/callback?code=xxxxxxxxxxxxxxxxxxxxxxxx&state=redir%3D%252F - - 2023-04-19 07:19:33.465 +00:00 [Debug] Microsoft.AspNetCore.Server.Kestrel.Connections: Connection id "XXXXXXXXXXX" completed keep alive response.

I have tried http v1 and v2 and switched on/off enforce ssl , also i found several realated issues but was not able to get it running without success.

• https://github.com/AzureAD/microsoft-identity-web/issues/115
• https://github.com/Azure-App-Service/ImageBuilder/blob/0901682fa83f20ecd1ccab6612e8d357dcd15150/GenerateDockerFiles/dotnetcore/debian-9/Dockerfile#L56
• https://stackoverflow.com/questions/64066325/azure-ad-authentication-reply-url-contains-http-instead-of-https-with-netcore-m Maybe its something else but it looks like the https is somewhere wrongly switched to http on azure side. Some cfg on the app might be needed additional to the auth id provider setup in the portal