You’re better off setting up the application to work correctly behind a SSL terminated load balancer. The above solutions will work, but they work explicitly for Auth0 and not other scenarios (like local redirects).
You need to check the specific load balancer you’re using, but most forward the original protocol as a HTTP request header called X-Forwarded-Proto.
For MVC Core applications, this is the extension class you’ll want to use. The following will generally make the quickstart code work w/o any additional handlers:
//forward headers from the LB
var forwardOpts = new ForwardedHeadersOptions
{
ForwardedHeaders = ForwardedHeaders.XForwardedProto | ForwardedHeaders.XForwardedFor
};
//TODO: Set this up to only accept the forwarded headers from the load balancer
forwardOpts.KnownNetworks.Clear();
forwardOpts.KnownProxies.Clear();
app.UseForwardedHeaders(forwardOpts);
The known networks / known proxies lists take a IPNetwork that you can use to restrict forwarded headers to known hosts. The code above will accept the headers from anyone - useful for trying it out, but I wouldn’t go to production like that.