Allow for multiple backoffice hosts

[kjac]

Prerequisites

• I have added steps to test this contribution in the description below

Description

It is currently not possible to have multiple backoffice hosts. This poses an issue for sites that require multiple hostnames providing access to the backoffice.

Here's a PR to fix 😄

Details

As-is, the first backoffice request "wins"; if I request my.host/umbraco, my.host becomes the allowed backoffice host. If I subsequently request my-other.host/umbraco (provided both hostnames point to the same Umbraco instance), I will be met with a somewhat unfriendly message stating that it is not permitted.

This is all because we need to explicitly configure hosts as allowed for redirection in OpenId Connect (via OpenIddict).

With this PR, backoffice hosts are accumulated over time instead of the current "first in wins" strategy.

To retain backwards compatability, the SecuritySettings.BackOfficeHost takes precedence over any accumulated backoffice hosts (if configured).

Testing this PR

Fire up Umbraco on multiple ports (use launchSettings.json) and verify that you can access Umbraco on all ports.

While you're at it, also verify that the corresponding localtest.me:[port]/umbraco work.

Using a debugger, verify that WebRoutingSettings.UmbracoApplicationUrl is always applied as allowed backoffice host (if configured).

Lastly, verify that SecuritySettings.BackOfficeHost (when configured) takes precedence over both the accumulated hosts and WebRoutingSettings.UmbracoApplicationUrl.

[AndyButland]

Couple of small comments made in passing just as I was interested to read through.... I haven't tested.

[nielslyngsoe]

@DanielToft you may want to add your perspectives on this PR.

No requirements for sure, but if you have the time you may want to test if this resolves your case?

If your new to working with the Source Code then read this article. My idea was to build a local version of this branch and verify with a test project, nothing at stake, and verify if this works for you.

https://github.com/umbraco/Umbraco-CMS/blob/contrib/.github/BUILD.md

Thanks in advance

[iOvergaard]

@kjac Without having looked into the code too much, can you outline a bit more how it works regarding authorization if you do not set the BackOfficeHost setting:

1. Does it allow all URLs that request the backend to authorize?
2. There are other settings depending on the backoffice host (whether set by request or BackOfficeHost) such as AuthorizeCallbackPathName (where we append either /umbraco or / if working locally) and AuthorizeCallbackLogoutPathName (= /umbraco/logout or /logout). How are they taken into account when autocalculating the backoffice host?

[kjac]

@kjac Without having looked into the code too much, can you outline a bit more how it works regarding authorization if you do not set the BackOfficeHost setting:

1. Does it allow all URLs that request the backend to authorize?

Yep 👍

2. There are other settings depending on the backoffice host (whether set by request or BackOfficeHost) such as AuthorizeCallbackPathName (where we append either /umbraco or / if working locally) and AuthorizeCallbackLogoutPathName (= /umbraco/logout or /logout). How are they taken into account when autocalculating the backoffice host?

They're always taken into account; if not explicitly defined, the defaults are applied:

[iOvergaard]

Thanks, @kjac. With this in place, we can simplify the authorization flow when working locally where we now do not have to set the BackOfficeHost setting. However, we still need to set the other settings, if we do not use the /umbraco subpath:

Before:

"BackOfficeHost": "http://localhost:5173",
"AuthorizeCallbackPathName": "/oauth_complete",
"AuthorizeCallbackLogoutPathName": "/logout",
"AuthorizeCallbackErrorPathName": "/error"

After:

"AuthorizeCallbackPathName": "/oauth_complete",
"AuthorizeCallbackLogoutPathName": "/logout",
"AuthorizeCallbackErrorPathName": "/error"

I wonder what your thoughts are on introducing a new setting that allows us to specify the backoffice subpath (/umbraco) so we only have to set that one when working locally:

"BackOfficePath": "/umbraco"

This is currently being controlled by a constant Constants.System.DefaultUmbracoPath and set through the UmbracoBackOfficePathGenerator. I know it was dynamic before, but then it stopped being dynamic with the introduction of .NET Core. But this would help when hosting the Backoffice on another server, where you potentially might not need/want the /umbraco prefix. I guess that is the ultimate motive at play with this PR.

[Zeegaan]

Works like a charm 🚀