Enhance external login and proxy compatibility

- Updated `ExternalLoginPicker.razor` to add Google and Microsoft login buttons with SVG icons and improved styling.
- Added new styles in `ExternalLoginPicker.razor.css` for layout and accessibility.
- Configured `ForwardedHeadersOptions` and enabled `UseForwardedHeaders` middleware in `Program.cs` for reverse proxy support.
- Added `AddCascadingAuthenticationState` for better authentication state management.
- Included `microsoft-identity-association.json` for Microsoft app association.
- Added `google-signin.svg` and `microsoft-signin.svg` assets for login buttons.

src/BirthList.Web/Components/Account/Shared/ExternalLoginPicker.razor

@@ -16,16 +16,32 @@
 }
 else
 {
-    <form class="form-horizontal" action="Account/PerformExternalLogin" method="post">
-        <div>
+    <form class="external-login-form" action="Account/PerformExternalLogin" method="post">
+        <div class="external-login-actions">
             <AntiforgeryToken />
             <input type="hidden" name="ReturnUrl" value="@ReturnUrl" />
-            <p>
-                @foreach (var provider in externalLogins)
+
+            @foreach (var provider in externalLogins)
+            {
+                var normalized = provider.Name?.Trim().ToLowerInvariant() ?? string.Empty;
+
+                if (normalized.Contains("google", StringComparison.Ordinal))
+                {
+                    <button type="submit" class="external-login-btn external-login-btn-google" name="provider" value="@provider.Name" title="Sign in with Google">
+                        <img src="/signin/google-signin.svg" alt="Sign in with Google" />
+                    </button>
+                }
+                else if (normalized.Contains("microsoft", StringComparison.Ordinal))
+                {
+                    <button type="submit" class="external-login-btn external-login-btn-microsoft" name="provider" value="@provider.Name" title="Sign in with Microsoft">
+                        <img src="/signin/microsoft-signin.svg" alt="Sign in with Microsoft" />
+                    </button>
+                }
+                else
                 {
                     <button type="submit" class="btn btn-primary" name="provider" value="@provider.Name" title="Log in using your @provider.DisplayName account">@provider.DisplayName</button>
                 }
-            </p>
+            }
         </div>
     </form>
 }

src/BirthList.Web/Components/Account/Shared/ExternalLoginPicker.razor.css

@@ -0,0 +1,29 @@
+.external-login-form {
+    display: block;
+}
+
+.external-login-actions {
+    display: flex;
+    flex-direction: column;
+    gap: 0.75rem;
+    align-items: flex-start;
+}
+
+.external-login-btn {
+    padding: 0;
+    border: none;
+    background: transparent;
+    line-height: 0;
+    border-radius: 4px;
+}
+
+.external-login-btn img {
+    height: 40px;
+    width: auto;
+    display: block;
+}
+
+.external-login-btn:focus-visible {
+    outline: 2px solid #0d6efd;
+    outline-offset: 2px;
+}

src/BirthList.Web/Program.cs

@@ -4,6 +4,7 @@ using BirthList.Web.Configuration;
 using BirthList.Web.Features.Registries;
 using BirthList.Web.Services;
 using Microsoft.AspNetCore.Components.Authorization;
+using Microsoft.AspNetCore.HttpOverrides;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.EntityFrameworkCore.Infrastructure;
@@ -25,6 +26,13 @@ builder.Services.AddHttpClient("RegistryMetadata", client =>
 });
 builder.Services.Configure<SmtpOptions>(builder.Configuration.GetSection("Smtp"));
 
+builder.Services.Configure<ForwardedHeadersOptions>(options =>
+{
+    options.ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;
+    options.KnownNetworks.Clear();
+    options.KnownProxies.Clear();
+});
+
 builder.Services.AddCascadingAuthenticationState();
 builder.Services.AddScoped<IdentityUserAccessor>();
 builder.Services.AddScoped<IdentityRedirectManager>();
@@ -150,6 +158,7 @@ else
     app.UseHsts();
 }
 
+app.UseForwardedHeaders();
 app.UseHttpsRedirection();
 
 app.UseStaticFiles();

src/BirthList.Web/wwwroot/.well-known/microsoft-identity-association.json

@@ -0,0 +1,7 @@
+{
+  "associatedApplications": [
+    {
+      "applicationId": "5c54d048-dc3e-4d90-a29f-b96b9601fe18"
+    }
+  ]
+}