Fix stuck-on-loading after sign-in; enable HTTP/LAN local login #3
+8
-3
@@ -110,9 +110,14 @@ else
|
|||||||
.AddOpenIdConnect(options =>
|
.AddOpenIdConnect(options =>
|
||||||
{
|
{
|
||||||
var oidc = builder.Configuration.GetSection("Oidc");
|
var oidc = builder.Configuration.GetSection("Oidc");
|
||||||
options.Authority = $"https://login.microsoftonline.com/{oidc["TenantId"]}/v2.0";
|
// Strip accidental surrounding quotes/whitespace. docker-compose's `environment` list form
|
||||||
options.ClientId = oidc["ClientId"];
|
// (`- Oidc__TenantId="<guid>"`) embeds the literal quotes in the value, producing a malformed
|
||||||
options.ClientSecret = oidc["ClientSecret"];
|
// Authority (…/"<tenant>"/v2.0) that fails metadata discovery with IDX20803. Same trap on the
|
||||||
|
// secret would silently break the token exchange. Trim defensively.
|
||||||
|
static string Clean(string? v) => v?.Trim().Trim('"', '\'') ?? string.Empty;
|
||||||
|
options.Authority = $"https://login.microsoftonline.com/{Clean(oidc["TenantId"])}/v2.0";
|
||||||
|
options.ClientId = Clean(oidc["ClientId"]);
|
||||||
|
options.ClientSecret = Clean(oidc["ClientSecret"]);
|
||||||
options.ResponseType = OpenIdConnectResponseType.Code;
|
options.ResponseType = OpenIdConnectResponseType.Code;
|
||||||
// Do NOT persist the OIDC access/id/refresh tokens in the auth cookie. They are
|
// Do NOT persist the OIDC access/id/refresh tokens in the auth cookie. They are
|
||||||
// never read (SharePoint/Graph auth runs through the separate connect flow +
|
// never read (SharePoint/Graph auth runs through the separate connect flow +
|
||||||
|
|||||||
Reference in New Issue
Block a user