chore 优化authserver配置

2025-10-30 00:10:48 +08:00
parent 90f0040f63
commit ea3a825825
1 changed files with 24 additions and 19 deletions
--- a/applications/KonSoft.AuthServer/KonSoftAuthServerModule.cs
+++ b/applications/KonSoft.AuthServer/KonSoftAuthServerModule.cs
@ -9,7 +9,6 @@ using Microsoft.AspNetCore.Cors;
 using Microsoft.AspNetCore.HttpOverrides;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Hosting;
-using OpenIddict.Validation;
 using System;
 using System.Linq;
 using System.Net;
@ -58,16 +57,14 @@ public class KonSoftAuthServerModule : AbpModule
            });
        });

-        context.Services.Configure<ForwardedHeadersOptions>(options =>
+        PreConfigure<ForwardedHeadersOptions>(options =>
        {
-            options.KnownNetworks.Clear();
-            options.KnownProxies.Clear();
-            options.ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;
-        });
+            options.ForwardedHeaders = ForwardedHeaders.XForwardedFor |
+                                       ForwardedHeaders.XForwardedProto |
+                                       ForwardedHeaders.XForwardedHost;

-        Configure<OpenIddictServerBuilder>(options =>
-        {
-            options.SetIssuer("");
+            options.KnownNetworks.Add(new IPNetwork(IPAddress.Parse("::ffff:127.0.0.1"), 104));
+            options.KnownProxies.Add(IPAddress.Parse("::ffff:127.0.0.1"));
        });

        if (!hostingEnvironment.IsDevelopment())
@ -114,6 +111,16 @@ public class KonSoftAuthServerModule : AbpModule
            options.ApplicationName = "AuthServer";
        });

+        Configure<AppUrlOptions>(options =>
+        {
+            options.Applications["MVC"].RootUrl = configuration["App:SelfUrl"];
+            options.RedirectAllowedUrls.AddRange(configuration["App:RedirectAllowedUrls"]?.Split(',') ??
+                                                 Array.Empty<string>());
+
+            options.Applications["Angular"].RootUrl = configuration["App:ClientUrl"];
+            options.Applications["Angular"].Urls[AccountUrlNames.PasswordReset] = "account/reset-password";
+        });
+
        Configure<AbpBackgroundJobOptions>(options => { options.IsJobExecutionEnabled = false; });

        context.Services.Configure<AbpClaimsPrincipalFactoryOptions>(options =>
@ -146,18 +153,16 @@ public class KonSoftAuthServerModule : AbpModule
        var app = context.GetApplicationBuilder();
        var env = context.GetEnvironment();

-        if (!env.IsDevelopment())
+        app.UseForwardedHeaders();
+        app.Use(async (ctx, next) =>
        {
-            app.UseErrorPage();
-            app.UseForwardedHeaders();
-            app.UseHsts();
-        }
+            ctx.Request.Scheme = "https";
+            await next();
+        });

-        if (env.IsDevelopment())
-        {
-            app.UseDeveloperExceptionPage();
-            app.UseForwardedHeaders();
-        }
+        app.UseDeveloperExceptionPage();
+        app.UseAbpRequestLocalization();
+        app.UseErrorPage();

        app.UseAbpRequestLocalization();