Hello,
I've configured forward authentication for Traefik, but the end result isn't what I expected. It forwards the auth to my external IdP, and after the auth, the Traefik container doesn't route back to the service that the middleware is configured for.
Traefik middleware:
- "traefik.http.middlewares.auth.forwardauth.address=http://docker.localhost/auth/jwt"
- "traefik.http.middlewares.auth.forwardauth.authResponseHeaders=X-Access-Token, X-Id-Token, X-Refresh-Token, X-Redirect-Url"
App middleware:
- "traefik.http.routers.apisample.middlewares=auth"
Auth service:
    [Authorize, HttpGet, Route("[action]")]
    public async Task<IActionResult> jwt()
    {
        if (!User.Identity.IsAuthenticated)
        {
            return Unauthorized("User is not authenticated");
        }

        var authResult = await _authService.AuthenticateAsync(HttpContext, "oidc");
        var props = authResult.Properties;

        // Copy the tokens from the authentication properties into response headers.
        Response.Headers
            .Add("X-Access-Token", $"Bearer {props.GetTokenValue("access_token")}");
        Response.Headers
            .Add("X-Id-Token", $"Bearer {props.GetTokenValue("id_token")}");
        Response.Headers
            .Add("X-Refresh-Token", $"Bearer {props.GetTokenValue("refresh_token")}");

        return Ok("auth success"); // <-- http 200
    }
P.S. The identity provider is IdentityServer4.
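
Added example, not part of the original post: Traefik's ForwardAuth sends the intercepted request's scheme, host and path to the auth address in the `X-Forwarded-Proto`, `X-Forwarded-Host` and `X-Forwarded-Uri` headers, so an auth endpoint can rebuild the URL the browser originally asked for. The class name, method names, allow-list and sample path below are hypothetical; the host check keeps the rebuilt URL from becoming an open redirect.

```csharp
using System;
using System.Collections.Generic;
using Microsoft.AspNetCore.Http;

// Added example: class, method names and allow-list are hypothetical, not from the post.
public static class ForwardedRequest
{
    // Hosts a browser may be sent back to (constructed value; adjust per deployment).
    private static readonly HashSet<string> AllowedHosts =
        new HashSet<string>(StringComparer.OrdinalIgnoreCase) { "docker.localhost" };

    // Rebuilds the URL of the request Traefik intercepted from the X-Forwarded-*
    // headers that ForwardAuth adds. Returns false when a header is missing or the
    // result points to a host outside the allow-list.
    public static bool TryGetOriginalUrl(IHeaderDictionary headers, out string originalUrl)
    {
        originalUrl = null;
        string proto = headers["X-Forwarded-Proto"].ToString();
        string host = headers["X-Forwarded-Host"].ToString();
        string uri = headers["X-Forwarded-Uri"].ToString();

        if (proto != "http" && proto != "https") return false;
        if (host.Length == 0 || !uri.StartsWith("/", StringComparison.Ordinal)) return false;

        // Parse the assembled string and check the host the parser actually sees,
        // so a value such as "docker.localhost@other.example" is rejected.
        if (!Uri.TryCreate($"{proto}://{host}{uri}", UriKind.Absolute, out Uri url)) return false;
        if (url.Scheme != proto || !AllowedHosts.Contains(url.Host)) return false;

        originalUrl = url.AbsoluteUri;
        return true;
    }

    // Constructed sample headers for a request to /api/values behind the middleware.
    public static void Demo()
    {
        var headers = new HeaderDictionary
        {
            ["X-Forwarded-Proto"] = "http",
            ["X-Forwarded-Host"] = "docker.localhost",
            ["X-Forwarded-Uri"] = "/api/values?page=2",
        };
        Console.WriteLine(TryGetOriginalUrl(headers, out string url) ? url : "rejected");

        headers["X-Forwarded-Host"] = "docker.localhost@other.example";
        Console.WriteLine(TryGetOriginalUrl(headers, out _) ? "accepted" : "rejected");
    }
}
```

A caller would pass `Request.Headers` and could use the result as `AuthenticationProperties.RedirectUri` when issuing the OIDC challenge. The headers are only meaningful when the auth service is reachable solely through Traefik.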