Identity Server OpenID Config Http Redirect

我在Azure Docker WebApp上托管的Identity Server遇到问题。该IS有多个客户端，其中一个是.NET Core Razor Page App，也托管在Azure Docker WebApp上。

我的问题是，MVC应用程序尝试通过http而非配置方式访问https，但我不确定为什么。

MVC启动：

        services
            .AddAuthentication(options =>
            {
                options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                options.DefaultChallengeScheme = CookieAuthenticationDefaults.AuthenticationScheme;
            })
            .AddCookie()
            .AddOpenIdConnect(options =>
            {
                options.Authority = Configuration["IdentityServer:Authority"];
                options.RequireHttpsMetadata = !Env.IsDevelopment();

                options.ClientId = Configuration["IdentityServer:ClientId"];
                options.ClientSecret = Configuration["IdentityServer:ClientSecret"];

                options.ResponseType = "code";

                options.Scope.Clear();
                options.Scope.Add("openid");
                options.Scope.Add("profile");
                options.Scope.Add("email");
                options.Scope.Add("offline_access");

                options.ClaimActions.MapAllExcept("iss", "nbf", "exp", "aud", "nonce", "iat", "c_hash");

                options.UsePkce = true;
                options.SaveTokens = true;
                options.GetClaimsFromUserInfoEndpoint = true;
            });
MVC配置：

"IdentityServer": {
  "Authority": "https://****.azurewebsites.net",
  "ClientId": "****-admin",
  "ClientSecret": "****"
}
IS客户端配置：

"IdentityServer": {
  "Clients": [
    {
      "ClientId": "****-admin",
      "ClientSecrets": [ { "Value": "*****************************" } ],
      "ClientName": "MVC Client",
      "AllowedGrantTypes": [ "authorization_code" ],
      "AllowedScopes": [ "openid", "profile", "email" ],
      "RedirectUris": [
        "https://****.azurewebsites.net//signin-oidc"
      ],
      "PostLogoutRedirectUris": [
        "https://****.azurewebsites.net/signout-callback-oidc"
      ],
      "RequireConsent": false,
      "AllowOfflineAccess": true,
      "AllowAccessTokensViaBrowser": false,
      "RequirePkce": true,
      "AlwaysSendClientClaims": true,
      "UpdateAccessTokenClaimsOnRefresh": true
    }
  ]
}
两者的Docker文件：

#See https://aka.ms/containerfastmode to understand how Visual Studio uses this Dockerfile to build your images for faster debugging.

FROM mcr.microsoft.com/dotnet/core/aspnet:3.1-buster-slim AS base
WORKDIR /app
EXPOSE 80
EXPOSE 443

FROM mcr.microsoft.com/dotnet/core/sdk:3.1-buster AS build
WORKDIR /src
COPY packages /root/.nuget/packages
COPY ["****.Domain/****.Domain.csproj", "****.Domain/"]
COPY ["****.Application/****.Application.csproj", "****.Application/"]
COPY ["****.Infrastructure/****.Infrastructure.csproj", "****.Infrastructure/"]
COPY ["****.Auth/****.Auth.csproj", "****.Auth/"]
RUN dotnet restore "****.Auth/****.Auth.csproj"
COPY . .
WORKDIR "/src/****.Auth"
RUN dotnet build "****.Auth.csproj" -c Release -o /app/build

FROM build AS publish
RUN dotnet publish "****.Auth.csproj" -c Release -o /app/publish

FROM base AS final
WORKDIR /app
COPY --from=publish /app/publish .
ENTRYPOINT ["dotnet", "****.Auth.dll"]
现在的问题是，MVC客户端尝试通过http加载OpenID端点，由于RedirectUri不匹配（http vs https），我失败了，我真的不明白为什么。

[2020-04-14 06:10:28 ERR] Invalid redirect_uri: http://****.azurewebsites.net/signin-oidc
{"ClientId":"****","ClientName":"Mvc Client","RedirectUri":null,"AllowedRedirectUris":["https://****.azurewebsites.net/signin-oidc"],"SubjectId":"anonymous","ResponseType":null,"ResponseMode":null,"GrantType":null,"RequestedScopes":"","State":null,"UiLocales":null,"Nonce":null,"AuthenticationContextReferenceClasses":null,"DisplayMode":null,"PromptMode":null,"MaxAge":null,"LoginHint":null,"SessionId":null,"Raw":{"client_id":"****-admin","redirect_uri":"http://****.azurewebsites.net/signin-oidc","response_type":"code","scope":"openid profile email offline_access","code_challenge":"tYfbgtCWvJawPddV3pHVcmEf41PfWE8v4d3js3WzV2Q","code_challenge_method":"S256","response_mode":"form_post","nonce":"637224414258581372.NDkwZmJkMTQtMDg0NS00ODMyLTgwMmYtYjIxYTA4YmYzYjY0MTc1YmY2ZGYtMzMyOC00YTBjLWI5ZDgtMjkzMWViMzk5YjUy","state":"CfDJ8Ox9u0p5MQ9MsZe5b-yGtbTFFUGO9B9TgRxvfcngit3msFwYDgHhej1KZa5t-5APppkSqDp0zj-0IHxZBDgfHr4m0MzsoWSs4M-uzUQ_gFWTtq5z2vH2s_7E5nv4jquHvprvkhYgXXACUolUW0rxUVYNIBf-CpwySLIL-9em4nZpsmQ2IYTTAofgd1xbbRX874H7L8Cs-6ULPdYMz9C8o1blQ5lYjS1IzgAsrTfbQBdxBhUQ53RLerQx5e-OoVWPWQ5Hp4nGCyR6z7ao6jkBPvtipV9D9tgzt8mFGnhqs3aBfcsztruAKOO_lU1Z8UW2NEPtAjMUVjyKpL-pMbpT5dbKH0g2TumWv1cod31oYTB1l42uyG8xwq0d6sJ8cUzDt-PgzkTEX8nnjQ--3301eBk","x-client-SKU":"ID_NETSTANDARD2_0","x-client-ver":"5.5.0.0"},"$type":"AuthorizeRequestValidationLog"}
我愿意寻求帮助。

我在Azure Docker WebApp上托管的Identity Server遇到问题。 IS具有多个客户端，其中一个是.NET Core Razor Page App，该客户端也托管在Azure Docker WebApp上。我的问题...