Use HangFire with AbpHangfireAuthorizationFilter throw HTTP ERROR 401 #4683 | Support

augustin.couval@manuloc.eu created one year ago

Hello, Our project structure is mentioned in this ticket : https://support.abp.io/QA/Questions/4663#answer-3a09d256-58d0-4c55-dc67-7e989f693fb3

We tried to add Hangfire in Admin part of the project (ConfigurateurClient.Admin.HttpApi.Host\AdminHttpApiHostModule.cs).

we called app.UseHangFireDashboard on the last line of OnApplicationInitialization method.

The Admin.HangFire pemrission is well defined in the application.contract layer

But when we want acces to https://localhost:44340/hangfire, we have this message.

And in the swagger logs :

Avez-vous des informations sur ce que nous aurions pu manquer pour générer ce type d'erreur ?

ABP Framework version: v7.0.0

UI type: Angular and Blazor (not relevant here)

DB provider: EF Core

Tiered (MVC) or Identity Server Separated (Angular): no

17 Answer(s)

0

berkansasmaz created one year ago
Support Team .NET Developer

Any chance to send the content of your OnApplicationInitialization method? Maybe you have a missing or misordered request-response pipeline.

augustin.couval@manuloc.eu created one year ago


    public override void OnApplicationInitialization(ApplicationInitializationContext context)
    {
        var app = context.GetApplicationBuilder();
        var env = context.GetEnvironment();

        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
        }

        app.UseAbpRequestLocalization();
        app.UseStaticFiles();
        app.UseAbpSecurityHeaders();
        app.UseRouting();
        app.UseCors();
        app.UseAuthentication();

        if (MultiTenancyConsts.IsEnabled)
        {
            app.UseMultiTenancy();
        }

        app.UseAuthorization();
        app.UseSwagger();
        app.UseAbpSwaggerUI(options =>
        {
            options.SwaggerEndpoint("/swagger/v1/swagger.json", "Admin API");

            var configuration = context.GetConfiguration();
            options.OAuthClientId(configuration["AuthServer:SwaggerClientId"]);
        });
        

        app.UseAuditing();
        app.UseAbpSerilogEnrichers();
        app.UseUnitOfWork();
        app.UseConfiguredEndpoints();
        app.UseHangfireDashboard("/hangfire", new DashboardOptions
        {
            AsyncAuthorization = new[] { new AbpHangfireAuthorizationFilter(enableTenant: true, requiredPermissionName: "Admin.HangFire") }
        });
    }```

berkansasmaz created one year ago

Support Team .NET Developer

First of all, UseHangfireDashboard must be before UseConfiguredEndpoints. However, this is not the problem, I tried to reproduce the problem with the information you provided, but I was unsuccessful, here is my code:

ConfigureServices:

    ...
    ...
    ...
    ...
    ConfigureHangfire(context, configuration);

ConfigureHangfire:

    private void ConfigureHangfire(ServiceConfigurationContext context, IConfiguration configuration)
    {
        context.Services.AddHangfire(config => { config.UseInMemoryStorage(); });
    }

OnApplicationInitialization:

    public override void OnApplicationInitialization(ApplicationInitializationContext context)
    {
        var app = context.GetApplicationBuilder();
        var env = context.GetEnvironment();

        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
        }

        app.UseAbpRequestLocalization();
        app.UseStaticFiles();
        app.UseAbpSecurityHeaders();
        app.UseRouting();
        app.UseCors();
        app.UseAuthentication();

        if (MultiTenancyConsts.IsEnabled)
        {
            app.UseMultiTenancy();
        }

        app.UseAuthorization();
        app.UseSwagger();
        app.UseAbpSwaggerUI(options =>
        {
            options.SwaggerEndpoint("/swagger/v1/swagger.json", "Admin API");

            var configuration = context.GetConfiguration();
            options.OAuthClientId(configuration["AuthServer:SwaggerClientId"]);
        });


        app.UseAuditing();
        app.UseAbpSerilogEnrichers();
        app.UseUnitOfWork();
        app.UseHangfireDashboard("/hangfire", new DashboardOptions
        {
            AsyncAuthorization = new[]
                {new AbpHangfireAuthorizationFilter(enableTenant: true, requiredPermissionName: "Admin.HangFire")}
        });
        app.UseConfiguredEndpoints();
    }

When we look at the status code, it returns 401. So, it doesn't see you as authorized, but I think you are logged in. It felt like CurrentUser.IsAuthenticated was returning false somehow. Can you confirm this information by debugging AbpHangfireAuthorizationFilter

0

augustin.couval@manuloc.eu created one year ago

When I debug AbpHangfireAuthorizationFilter :

I don't see CurrentUser.IsAuthenticated value in locales variables
0

berkansasmaz created one year ago
Support Team .NET Developer

Yes, because the CurrentUser service is resolved from RequestServices in IsLoggedIn method.

See: https://github.com/abpframework/abp/blob/ba6ded35524cd4f743f263f33ac37cbc8f238fcd/framework/src/Volo.Abp.HangFire/Volo/Abp/Hangfire/AbpHangfireAuthorizationFilter.cs#L38-L45
0

pierremih created one year ago

Hi, In-depth debugging of the AbpHangfireAuthorizationFilter seems impossible becaue the .pdb symbols file cannot be found Can you give me indications on how debug AbpHangfireAuthorizationFilter to confirm that CurrentUser.IsAuthenticated is returning false?
0

pierremih created one year ago

I could debug the AbpHangfireAuthorizationFilter class. It is indeed detecting us as not authenticated.
0

berkansasmaz created one year ago
Support Team .NET Developer

I understand, but you're logged in, right? You can see your account information, or if you are logged in as an admin user, you can visit the page where you can see the list of all users and so on, right? If so, I might need to take a closer look at your project. It's hard to say anything directly.
0

pierremih created one year ago

I logged in using the swagger's built-in function here

And when checking the Authentication server's page, it does show me as logged in.

We can grant you access to the Github repository. Can you confirm this is you ? https://github.com/berkansasmaz Hangfire is being implemented on branch 346-use-hangfire

1
0

berkansasmaz created one year ago
Support Team .NET Developer

I am very happy with the information you have given because I understand the problem. But we need to verify, so can you visit the /account/login page and try again after login?
0

pierremih created one year ago

Even after login that way, the issue is still the same.

1
0

berkansasmaz created one year ago
Support Team .NET Developer

Got it, you can grant access to this GitHub account.
0

pierremih created one year ago

I granted you access. The repo is https://github.com/Manuloc/ConfigurationClient/ on the branch https://github.com/Manuloc/ConfigurationClient/tree/346-use-hangfire

1
0

berkansasmaz created one year ago
Support Team .NET Developer

The problem is that you have installed Hangfire in ConfigurateurClient.Admin.HttpApi.Host. If you want to use Hangfire in this project, you should edit ConfigureAuthentication similar to ConfigurateurClient.Admin.Blazor, but I don't recommend it. You don't need to open ConfigurateurClient.Admin.HttpApi.Host outside, it can stay internal. Users with ConfigurateurClient.Admin.Blazor admin privileges can access as the UI allows, but they don't need to access ConfigurateurClient.Admin.HttpApi.Host so you don't need to open its URL outside.

As a result, if you want to solve the problem with the least effort and with a more accurate method, you can solve the problem by moving similar codes to ConfigurateurClient.Admin.Blazor. I tried it works, you can see the screenshot below.
0

pierremih created one year ago

Thank you for the great news, We will try this solution and come back towards you to confirm the result. Have a nice day

1
0

pierremih created one year ago

I moved hangfire to the blazor project and it's working perfectly. Thank you You can mark the issue as resolved

1
0

berkansasmaz created one year ago
Support Team .NET Developer

Closing the issue. Feel free to re-open or create a new issue if you have further questions 😄

1

Have an answer to this question? Log in and write your answer.