Antiforgery token is not decryptable after dockerizing environment

before I dockerized my asp.net core app and angular + nginx on separated containers, I didn't have problems with validation via this token.

That's what i get, after debugging code with _antiforgery.ValidateRequestAsync():

The antiforgery token could not be decrypted.
​

This's method, which I use to get antiforgery token on angular app.

[HttpGet("get-antiforgery-token")]
public async Task<IActionResult> GetAntiforgeryToken()
{
return Ok(JsonConvert.SerializeObject(_antiforgery.GetAndStoreTokens(_httpContext.HttpContext).RequestToken));
}


angular + nginx dockerfile

FROM node:18 AS build
WORKDIR /usr/src/app

COPY . /usr/src/app
COPY ../node_modules /usr/src/app
COPY ../*.json /usr/src/app

RUN npm install -g @angular/cli --legacy-peer-deps
RUN npm install

RUN npm install --legacy-peer-deps @angular-devkit/build-angular
RUN npm install --legacy-peer-deps typescript@latest -g

RUN npm install --legacy-peer-deps @angular/core
RUN npm install --legacy-peer-deps @angular/compiler-cli
RUN npm install --legacy-peer-deps @angular/compiler
RUN npm install --legacy-peer-deps @angular/animations
RUN npm install --legacy-peer-deps @angular/router
RUN npm install --legacy-peer-deps @angular/platform-browser
RUN npm install --legacy-peer-deps @ngrx/store
RUN npm install --legacy-peer-deps @angular/forms
RUN npm install --legacy-peer-deps @ngrx/effects
RUN npm install --legacy-peer-deps @angular/platform-browser-dynamic
RUN npm install --legacy-peer-deps zone.js
RUN npm install --legacy-peer-deps ngx-cookie-service
RUN npm install --legacy-peer-deps quill
RUN npm install --legacy-peer-deps @angular/common
RUN npm install --legacy-peer-deps process

RUN npm run build #--prod

FROM nginx:stable AS ngi

COPY --from=build /usr/src/app/dist/ /usr/share/nginx/html
COPY /nginx.conf /etc/nginx/conf.d/default.conf

EXPOSE 80


asp.net core dockerfile

FROM mcr.microsoft.com/dotnet/sdk:8.0@sha256:35792ea4ad1db051981f62b313f1be3b46b1f45cadbaa3c288cd0d3056eefb83 AS build-env
WORKDIR /App

# Copy everything to working directory
COPY . ./
# Restore as distinct layers
RUN dotnet restore
# Build and publish a release
RUN dotnet publish -c Release -o out

# Build runtime image
FROM mcr.microsoft.com/dotnet/aspnet:8.0@sha256:6c4df091e4e531bb93bdbfe7e7f0998e7ced344f54426b7e874116a3dc3233ff
WORKDIR /App
COPY --from=build-env /App/out .

EXPOSE 8080

ENV ASPNETCORE_ENVIRONMENT=Production
ENV ASPNETCORE_DATAProtection_KeyRingProvider=Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyRingProvider
VOLUME /data/keys

ENTRYPOINT ["dotnet", "aspAppAng.Server.dll"]



nginx.conf

server {
listen 80;
sendfile on;
default_type application/octet-stream;

gzip on;
gzip_http_version 1.1;
gzip_disable "MSIE [1-6]\.";
gzip_min_length 256;
gzip_vary on;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript;
gzip_comp_level 9;

root /usr/share/nginx/html/aspappang.client/browser;
index index.html index.htm;

location / {
try_files $uri $uri/ /index.html =404;
}

location ~ ^/(user/api|posts/api|tags/api|comments/api)/ {
proxy_pass http://asp-container:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Access-Control-Allow-Origin http://localhost:4200;
proxy_set_header Access-Control-Allow-Credentials true;
proxy_set_header Access-Control-Allow-Headers "X-Requested-With, X-CSRF-TOKEN, Content-Type";
proxy_set_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS";
}
}


I tried to resolve with this

Continue reading...