
Blank page after log out #4730


User avatar
0
pablo@ccalp.net created
  • ABP Framework version: v7.0.3
  • UI type: Angular
  • DB provider: EF Core
  • Steps to reproduce the issue:

Just upgraded to the latest version and now I'm experiencing an issue when logging out, it redirects me to this page "https://localhost:44349/connect/logout?" and the page is blank. Before the migration, it used to redirect me to the login page.

Also when logging out, now I'm seeing that the post_logout_redirect_uri is invalid: "The logout request was rejected because the specified post_logout_redirect_uri was invalid: https://tenanta.ccalp.net."

This is a multitenant app, so I need to set a wildcard url in openiddict but it is not letting me.

I'm using Resource Owner Password Flow in Angular, and the Domain Tenant Resolver.


16 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    You can refer to this sample.

    https://github.com/abpframework/abp-samples/blob/master/DomainTenantResolver/OpenIddict/NG/aspnet-core/src/BookStore.HttpApi.Host/BookStoreHttpApiHostModule.cs#L63-L92

  • User Avatar
    0
    pablo@ccalp.net created

    That's what I used, but not working. By the way, I switched from Resource Owner Password to the standard one that redirects to do the auth. How should the Openiddict Applications be configured? I'm using whatever was created by the default migrations.

    public override void PreConfigureServices(ServiceConfigurationContext context)
    {
        var hostingEnvironment = context.Services.GetHostingEnvironment();

        PreConfigure<OpenIddictBuilder>(builder =>
        {
            builder.AddValidation(options =>
            {
                options.AddAudiences("CompuCare");
                options.UseLocalServer();
                options.UseAspNetCore();
            });
        });

        // Wildcard formats accepted as redirect URIs; {0} stands for the tenant subdomain.
        PreConfigure<AbpOpenIddictWildcardDomainOptions>(options =>
        {
            options.EnableWildcardDomainSupport = true;
            options.WildcardDomainsFormat.Add("https://{0}.ccalp.net/signin-oidc");
            options.WildcardDomainsFormat.Add("https://{0}.ccalp.net/signout-callback-oidc");
        });
    }

    public override void ConfigureServices(ServiceConfigurationContext context)
    {
        var configuration = context.Services.GetConfiguration();
        var hostingEnvironment = context.Services.GetHostingEnvironment();

        // ***********************
        // Custom Configs
        // ***********************

        context.Services.AddResponseCaching();

        // Resolve the tenant from the API host name.
        Configure<AbpTenantResolveOptions>(options =>
        {
            options.AddDomainTenantResolver("{0}.api.ccalp.net");
        });

        // ... (rest of the method is not shown in the post)
    }


    Pasting the log file in the next message.

  • User Avatar
    0
    pablo@ccalp.net created

    Log File

    2023-03-20 16:45:38.950 +00:00 [INF] Client validation failed because 'https://ccalp.net' was not a valid redirect_uri for CompuCare_App.
    2023-03-20 16:45:38.950 +00:00 [INF] The authorization request was rejected because the redirect_uri was invalid: 'https://ccalp.net'.
    2023-03-20 16:45:38.972 +00:00 [INF] The response could not be cached for this request.
    2023-03-20 16:45:38.982 +00:00 [INF] Request finished HTTP/1.1 GET http://api.ccalp.net/connect/authorize?response_type=code&client_id=CompuCare_App&state=SXozejByamcxam9ibGMxUndueUtPdmdlekpLSDlzeExGUmMySFBhX3RxbV9H&redirect_uri=https%3A%2F%2Fccalp.net&scope=openid%20offline_access%20CompuCare&code_challenge=mby31qqbtuatfUUDCR6Llb2izIroRqr6qE-jj8Ggoos&code_challenge_method=S256&nonce=SXozejByamcxam9ibGMxUndueUtPdmdlekpLSDlzeExGUmMySFBhX3RxbV9H&culture=en&ui-culture=en - - - 302 0 - 88.2534ms
    2023-03-20 16:45:39.028 +00:00 [INF] Request starting HTTP/1.1 GET http://api.ccalp.net/Error?httpStatusCode=400 - -
    2023-03-20 16:45:39.028 +00:00 [INF] No cached response available for this request.
    2023-03-20 16:45:39.056 +00:00 [INF] Executing endpoint 'Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController.Index (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared)'
    2023-03-20 16:45:39.056 +00:00 [INF] Route matched with {action = "Index", controller = "Error", area = "", page = ""}. Executing controller action with signature System.Threading.Tasks.Task`1[Microsoft.AspNetCore.Mvc.IActionResult] Index(Int32) on controller Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared).
    2023-03-20 16:45:39.066 +00:00 [INF] Executing ViewResult, running view ~/Views/Error/Default.cshtml.
    2023-03-20 16:45:39.161 +00:00 [INF] Executed ViewResult - view ~/Views/Error/Default.cshtml executed in 94.2435ms.
    2023-03-20 16:45:39.161 +00:00 [INF] Executed action Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController.Index (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared) in 104.8771ms
    2023-03-20 16:45:39.161 +00:00 [INF] Executed endpoint 'Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController.Index (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared)'
    2023-03-20 16:45:39.161 +00:00 [INF] The response could not be cached for this request.
    2023-03-20 16:45:39.161 +00:00 [INF] Request finished HTTP/1.1 GET http://api.ccalp.net/Error?httpStatusCode=400 - - - 400 - text/html;+charset=utf-8 133.2881ms
    2023-03-20 16:45:39.225 +00:00 [INF] Request starting HTTP/1.1 GET http://api.ccalp.net/Abp/ApplicationConfigurationScript - -
    2023-03-20 16:45:39.225 +00:00 [INF] No cached response available for this request.
    2023-03-20 16:45:39.240 +00:00 [INF] Request starting HTTP/1.1 GET http://api.ccalp.net/__bundles/LeptonX.Global.DD44B0ECF605910A5B8FAD560D306DDE.js?_v=638149274977838065 - -
    2023-03-20 16:45:39.241 +00:00 [INF] No cached response available for this request.
    2023-03-20 16:45:39.249 +00:00 [INF] Request starting HTTP/1.1 GET http://api.ccalp.net/__bundles/Views.Error.DefaultErrorComponent.default.F15FCDEA56EC024E1CDCD86CA6B586D8.css?_v=638149274932427199 - -
    2023-03-20 16:45:39.249 +00:00 [INF] No cached response available for this request.
    2023-03-20 16:45:39.257 +00:00 [INF] Request starting HTTP/1.1 GET http://api.ccalp.net/__bundles/LeptonX.Global.9325FB768F9C0093DC4664395D730921.css?_v=638149274949508529 - -
    2023-03-20 16:45:39.257 +00:00 [INF] No cached response available for this request.
    2023-03-20 16:45:39.267 +00:00 [INF] The file /__bundles/Views.Error.DefaultErrorComponent.default.F15FCDEA56EC024E1CDCD86CA6B586D8.css was not modified
    2023-03-20 16:45:39.267 +00:00 [INF] The response could not be cached for this request.
    2023-03-20 16:45:39.267 +00:00 [INF] Request finished HTTP/1.1 GET http://api.ccalp.net/__bundles/Views.Error.DefaultErrorComponent.default.F15FCDEA56EC024E1CDCD86CA6B586D8.css?_v=638149274932427199 - - - 304 - text/css 17.7976ms
    2023-03-20 16:45:39.267 +00:00 [INF] Request starting HTTP/1.1 GET http://api.ccalp.net/Abp/ApplicationLocalizationScript?cultureName=en - -
    2023-03-20 16:45:39.267 +00:00 [INF] No cached response available for this request.
    2023-03-20 16:45:39.275 +00:00 [INF] The file /__bundles/LeptonX.Global.9325FB768F9C0093DC4664395D730921.css was not modified
    2023-03-20 16:45:39.275 +00:00 [INF] The response could not be cached for this request.
    2023-03-20 16:45:39.275 +00:00 [INF] Request finished HTTP/1.1 GET http://api.ccalp.net/__bundles/LeptonX.Global.9325FB768F9C0093DC4664395D730921.css?_v=638149274949508529 - - - 304 - text/css 22.9672ms
    2023-03-20 16:45:39.276 +00:00 [INF] Request starting HTTP/1.1 GET http://api.ccalp.net/Abp/ServiceProxyScript - -
    2023-03-20 16:45:39.276 +00:00 [INF] No cached response available for this request.
    2023-03-20 16:45:39.284 +00:00 [INF] The file /__bundles/LeptonX.Global.DD44B0ECF605910A5B8FAD560D306DDE.js was not modified
    2023-03-20 16:45:39.285 +00:00 [INF] The response could not be cached for this request.
    2023-03-20 16:45:39.285 +00:00 [INF] Request finished HTTP/1.1 GET http://api.ccalp.net/__bundles/LeptonX.Global.DD44B0ECF605910A5B8FAD560D306DDE.js?_v=638149274977838065 - - - 304 - application/javascript 44.2280ms
    2023-03-20 16:45:39.322 +00:00 [INF] Executing endpoint 'Volo.Abp.AspNetCore.Mvc.Localization.AbpApplicationLocalizationScriptController.GetAsync (Volo.Abp.AspNetCore.Mvc)'
    2023-03-20 16:45:39.322 +00:00 [INF] Route matched with {area = "Abp", action = "Get", controller = "AbpApplicationLocalizationScript", page = ""}. Executing controller action with signature System.Threading.Tasks.Task`1[Microsoft.AspNetCore.Mvc.ActionResult] GetAsync(Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.ApplicationLocalizationRequestDto) on controller Volo.Abp.AspNetCore.Mvc.Localization.AbpApplicationLocalizationScriptController (Volo.Abp.AspNetCore.Mvc).
    2023-03-20 16:45:39.331 +00:00 [INF] Executing endpoint 'Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationScriptController.Get (Volo.Abp.AspNetCore.Mvc)'
    2023-03-20 16:45:39.331 +00:00 [INF] Route matched with {area = "Abp", action = "Get", controller = "AbpApplicationConfigurationScript", page = ""}. Executing controller action with signature System.Threading.Tasks.Task`1[Microsoft.AspNetCore.Mvc.ActionResult] Get() on controller Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationScriptController (Volo.Abp.AspNetCore.Mvc).
    2023-03-20 16:45:39.340 +00:00 [INF] Executing endpoint 'Volo.Abp.AspNetCore.Mvc.ProxyScripting.AbpServiceProxyScriptController.GetAll (Volo.Abp.AspNetCore.Mvc)'
    2023-03-20 16:45:39.340 +00:00 [INF] Route matched with {area = "Abp", action = "GetAll", controller = "AbpServiceProxyScript", page = ""}. Executing controller action with signature Microsoft.AspNetCore.Mvc.ActionResult GetAll(Volo.Abp.AspNetCore.Mvc.ProxyScripting.ServiceProxyGenerationModel) on controller Volo.Abp.AspNetCore.Mvc.ProxyScripting.AbpServiceProxyScriptController (Volo.Abp.AspNetCore.Mvc).
    2023-03-20 16:45:39.569 +00:00 [INF] Executing ContentResult with HTTP Response ContentType of application/javascript
    2023-03-20 16:45:39.569 +00:00 [INF] Executed action Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationScriptController.Get (Volo.Abp.AspNetCore.Mvc) in 237.6933ms
    2023-03-20 16:45:39.569 +00:00 [INF] Executed endpoint 'Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationScriptController.Get (Volo.Abp.AspNetCore.Mvc)'
    2023-03-20 16:45:39.569 +00:00 [INF] The response could not be cached for this request.
    2023-03-20 16:45:39.581 +00:00 [INF] Request finished HTTP/1.1 GET http://api.ccalp.net/Abp/ApplicationConfigurationScript - - - 200 6827 application/javascript 344.3676ms
    2023-03-20 16:45:39.590 +00:00 [INF] Executing ContentResult with HTTP Response ContentType of application/javascript
    2023-03-20 16:45:39.590 +00:00 [INF] Executed action Volo.Abp.AspNetCore.Mvc.Localization.AbpApplicationLocalizationScriptController.GetAsync (Volo.Abp.AspNetCore.Mvc) in 267.9214ms
    2023-03-20 16:45:39.590 +00:00 [INF] Executed endpoint 'Volo.Abp.AspNetCore.Mvc.Localization.AbpApplicationLocalizationScriptController.GetAsync (Volo.Abp.AspNetCore.Mvc)'
    2023-03-20 16:45:39.598 +00:00 [INF] The response could not be cached for this request.
    2023-03-20 16:45:39.598 +00:00 [INF] Request finished HTTP/1.1 GET http://api.ccalp.net/Abp/ApplicationLocalizationScript?cultureName=en - - - 200 59580 application/javascript 330.7286ms
    2023-03-20 16:45:39.648 +00:00 [INF] Executing ContentResult with HTTP Response ContentType of application/javascript
    2023-03-20 16:45:39.648 +00:00 [INF] Executed action Volo.Abp.AspNetCore.Mvc.ProxyScripting.AbpServiceProxyScriptController.GetAll (Volo.Abp.AspNetCore.Mvc) in 308.115ms
    2023-03-20 16:45:39.648 +00:00 [INF] Executed endpoint 'Volo.Abp.AspNetCore.Mvc.ProxyScripting.AbpServiceProxyScriptController.GetAll (Volo.Abp.AspNetCore.Mvc)'
    2023-03-20 16:45:39.658 +00:00 [INF] The response could not be cached for this request.
    2023-03-20 16:45:39.658 +00:00 [INF] Request finished HTTP/1.1 GET http://api.ccalp.net/Abp/ServiceProxyScript - - - 200 56340 application/javascript 382.6649ms
    2023-03-20 16:45:46.175 +00:00 [INF] Request starting HTTP/1.1 GET http://api.ccalp.net/favicon.ico - -
    2023-03-20 16:45:46.175 +00:00 [INF] No cached response available for this request.
    2023-03-20 16:45:46.200 +00:00 [INF] The response could not be cached for this request.
    2023-03-20 16:45:46.201 +00:00 [INF] Request finished HTTP/1.1 GET http://api.ccalp.net/favicon.ico - - - 302 0 - 25.8412ms
    2023-03-20 16:45:46.239 +00:00 [INF] Request starting HTTP/1.1 GET http://api.ccalp.net/Error?httpStatusCode=404 - -
    2023-03-20 16:45:46.239 +00:00 [INF] No cached response available for this request.
    2023-03-20 16:45:46.245 +00:00 [INF] Executing endpoint 'Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController.Index (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared)'
    2023-03-20 16:45:46.245 +00:00 [INF] Route matched with {action = "Index", controller = "Error", area = "", page = ""}. Executing controller action with signature System.Threading.Tasks.Task`1[Microsoft.AspNetCore.Mvc.IActionResult] Index(Int32) on controller Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared).
    2023-03-20 16:45:46.252 +00:00 [INF] Executing ViewResult, running view ~/Views/Error/404.cshtml.
    2023-03-20 16:45:46.283 +00:00 [INF] Executed ViewResult - view ~/Views/Error/404.cshtml executed in 30.7539ms.
    2023-03-20 16:45:46.283 +00:00 [INF] Executed action Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController.Index (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared) in 38.411ms
    2023-03-20 16:45:46.283 +00:00 [INF] Executed endpoint 'Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController.Index (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared)'
    2023-03-20 16:45:46.283 +00:00 [INF] The response could not be cached for this request.
    2023-03-20 16:45:46.283 +00:00 [INF] Request finished HTTP/1.1 GET http://api.ccalp.net/Error?httpStatusCode=404 - - - 404 - text/html;+charset=utf-8 44.5447ms
    
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    Please share the logs of AuthServer when you get 400.

  • User Avatar
    0
    pablo@ccalp.net created

    Is this what you are looking for? Is there a way I can upload the entire log file?

    2023-03-20 16:45:38.303 +00:00 [INF] Request finished HTTP/1.1 GET http://api.ccalp.net/api/abp/application-localization?cultureName=en&onlyDynamics=false - - - 200 - application/json;+charset=utf-8 33.4436ms
    2023-03-20 16:45:38.894 +00:00 [INF] Request starting HTTP/1.1 GET http://api.ccalp.net/connect/authorize?response_type=code&client_id=CompuCare_App&state=SXozejByamcxam9ibGMxUndueUtPdmdlekpLSDlzeExGUmMySFBhX3RxbV9H&redirect_uri=https%3A%2F%2Fccalp.net&scope=openid%20offline_access%20CompuCare&code_challenge=mby31qqbtuatfUUDCR6Llb2izIroRqr6qE-jj8Ggoos&code_challenge_method=S256&nonce=SXozejByamcxam9ibGMxUndueUtPdmdlekpLSDlzeExGUmMySFBhX3RxbV9H&culture=en&ui-culture=en - -
    2023-03-20 16:45:38.894 +00:00 [INF] No cached response available for this request.
    2023-03-20 16:45:38.922 +00:00 [INF] The request URI matched a server endpoint: "Authorization".
    2023-03-20 16:45:38.923 +00:00 [INF] The authorization request was successfully extracted: { "response_type": "code", "client_id": "CompuCare_App", "state": "SXozejByamcxam9ibGMxUndueUtPdmdlekpLSDlzeExGUmMySFBhX3RxbV9H", "redirect_uri": "https://ccalp.net", "scope": "openid offline_access CompuCare", "code_challenge": "mby31qqbtuatfUUDCR6Llb2izIroRqr6qE-jj8Ggoos", "code_challenge_method": "S256", "nonce": "SXozejByamcxam9ibGMxUndueUtPdmdlekpLSDlzeExGUmMySFBhX3RxbV9H", "culture": "en", "ui-culture": "en" }.
    2023-03-20 16:45:38.950 +00:00 [INF] Client validation failed because 'https://ccalp.net' was not a valid redirect_uri for CompuCare_App.
    2023-03-20 16:45:38.950 +00:00 [INF] The authorization request was rejected because the redirect_uri was invalid: 'https://ccalp.net'.
    2023-03-20 16:45:38.972 +00:00 [INF] The response could not be cached for this request.
    2023-03-20 16:45:38.982 +00:00 [INF] Request finished HTTP/1.1 GET http://api.ccalp.net/connect/authorize?response_type=code&client_id=CompuCare_App&state=SXozejByamcxam9ibGMxUndueUtPdmdlekpLSDlzeExGUmMySFBhX3RxbV9H&redirect_uri=https%3A%2F%2Fccalp.net&scope=openid%20offline_access%20CompuCare&code_challenge=mby31qqbtuatfUUDCR6Llb2izIroRqr6qE-jj8Ggoos&code_challenge_method=S256&nonce=SXozejByamcxam9ibGMxUndueUtPdmdlekpLSDlzeExGUmMySFBhX3RxbV9H&culture=en&ui-culture=en - - - 302 0 - 88.2534ms
    2023-03-20 16:45:39.028 +00:00 [INF] Request starting HTTP/1.1 GET http://api.ccalp.net/Error?httpStatusCode=400 - -
    2023-03-20 16:45:39.028 +00:00 [INF] No cached response available for this request.
    2023-03-20 16:45:39.056 +00:00 [INF] Executing endpoint 'Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController.Index (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared)'
    2023-03-20 16:45:39.056 +00:00 [INF] Route matched with {action = "Index", controller = "Error", area = "", page = ""}. Executing controller action with signature System.Threading.Tasks.Task`1[Microsoft.AspNetCore.Mvc.IActionResult] Index(Int32) on controller Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared).
    2023-03-20 16:45:39.066 +00:00 [INF] Executing ViewResult, running view ~/Views/Error/Default.cshtml.
    2023-03-20 16:45:39.161 +00:00 [INF] Executed ViewResult - view ~/Views/Error/Default.cshtml executed in 94.2435ms.
    2023-03-20 16:45:39.161 +00:00 [INF] Executed action Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController.Index (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared) in 104.8771ms
    2023-03-20 16:45:39.161 +00:00 [INF] Executed endpoint 'Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController.Index (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared)'
    2023-03-20 16:45:39.161 +00:00 [INF] The response could not be cached for this request.
    2023-03-20 16:45:39.161 +00:00 [INF] Request finished HTTP/1.1 GET http://api.ccalp.net/Error?httpStatusCode=400 - - - 400 - text/html;+charset=utf-8 133.2881ms

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    **Client validation failed because 'https://ccalp.net' was not a valid redirect_uri for CompuCare_App.
    The authorization request was rejected because the redirect_uri was invalid: 'https://ccalp.net'.**
    

    What's the application definition of CompuCare_App in the database?

    I think adding options.WildcardDomainsFormat.Add("https://ccalp.net"); will solve it, but you had better add https://ccalp.net to CompuCare_App as its redirect_uri.

        PreConfigure<AbpOpenIddictWildcardDomainOptions>(options =>
        {
            options.EnableWildcardDomainSupport = true;
            options.WildcardDomainsFormat.Add("https://ccalp.net");
            options.WildcardDomainsFormat.Add("https://{0}.ccalp.net/signin-oidc");
            options.WildcardDomainsFormat.Add("https://{0}.ccalp.net/signout-callback-oidc");
        });
    
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

  • User Avatar
    0
    pablo@ccalp.net created

    I had to add each domain so that it works for now but will try adding https://ccalp.net in the code and see if it works. I can't keep adding tenants to the URLs.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    ok

    You can try that.

        PreConfigure<AbpOpenIddictWildcardDomainOptions>(options =>
        {
            options.EnableWildcardDomainSupport = true;
            options.WildcardDomainsFormat.Add("https://ccalp.net");
            options.WildcardDomainsFormat.Add("other domains"); // placeholder for any other domains
            options.WildcardDomainsFormat.Add("https://{0}.ccalp.net/signin-oidc");
            options.WildcardDomainsFormat.Add("https://{0}.ccalp.net/signout-callback-oidc");
        });
    
  • User Avatar
    0
    pablo@ccalp.net created

    I don't think the following is working:

        PreConfigure<AbpOpenIddictWildcardDomainOptions>(options =>
        {
            options.EnableWildcardDomainSupport = true;
            options.WildcardDomainsFormat.Add("https://ccalp.net");
            options.WildcardDomainsFormat.Add("https://api.ccalp.net");
            options.WildcardDomainsFormat.Add("https://{0}.ccalp.net/signin-oidc");
            options.WildcardDomainsFormat.Add("https://{0}.api.ccalp.net/signin-oidc");
            options.WildcardDomainsFormat.Add("https://{0}.ccalp.net/signout-callback-oidc");
            options.WildcardDomainsFormat.Add("https://{0}.api.ccalp.net/signout-callback-oidc");
        });
    

    We have over 50 tenants (subdomains) and I can't add them all here or in the database, it is just not maintainable. We need the wildcard to work.

    What would be the right configuration both for the database and for the code?

    The client (angular) application domain is: "ccalp.net" (localhost:4200)
    The API domain is: "api.ccalp.net" (localhost:44349)

    And each tenant will be in their own subdomain:
    [tenant-database].ccalp.net
    [tenant-database].api.ccalp.net

    Please we need this resolved ASAP.

    Thank you.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    > I don't think the following is working:

    Have you tried it? This is the correct way to do it now. And I believe it will work.

  • User Avatar
    0
    pablo@ccalp.net created

    I have tried it, and the only way it is working is if I add the tenant's subdomains to the database, otherwise, when I log out I keep getting a 400 error.

    CompuCare_App | [ "http://localhost:4200" , "https://ccalp.net" , "https://tenanta.ccalp.net" , "https://westchester.ccalp.net" ]

        PreConfigure<AbpOpenIddictWildcardDomainOptions>(options =>
        {
            options.EnableWildcardDomainSupport = true;
            options.WildcardDomainsFormat.Add("https://ccalp.net");
            options.WildcardDomainsFormat.Add("https://api.ccalp.net");
    
            options.WildcardDomainsFormat.Add("https://{0}.ccalp.net");
            options.WildcardDomainsFormat.Add("https://{0}.ccalp.net/signin-oidc");
            options.WildcardDomainsFormat.Add("https://{0}.ccalp.net/signout-callback-oidc");
    
            options.WildcardDomainsFormat.Add("https://{0}.api.ccalp.net");
            options.WildcardDomainsFormat.Add("https://{0}.api.ccalp.net/signin-oidc");
            options.WildcardDomainsFormat.Add("https://{0}.api.ccalp.net/signout-callback-oidc");
        });
    

    2023-03-22 00:35:50.926 +00:00 [INF] Request starting HTTP/1.1 GET http://tenanta.api.ccalp.net/connect/logout?id_token_hint=eyJhbGciOiJSUzI1NiIsImtpZCI6IjBCRUIwRkE3QkJDQ0IwMEM1NDhDRkMxQUQwQkYxMUE0OERCMEZGN0QiLCJ4NXQiOiJDLXNQcDd2TXNBeFVqUHdhMEw4UnBJMndfMzAiLCJ0eXAiOiJKV1QifQ.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.IxqT1V0i71NTLrWujtDvIWLy9E-BIi6x278Q1m-ztGFJefi4TzoKYb0VgLNWy6GSGjTHsW6t_Dd0DaSuLg5Ulit6hWZEELOCwkKxA3-EiUCjaXQwKcRAJXLYyS6pAfptJTOOe_5LME-rYtbIYYrnGAc2efekGuO1FeayxJaFFACJ77AnySgssUUii3BmkhFRyhTyuiBCU-oH_SaZ7okVvMx2bUBeV05MM8NvjU3Q41PsbRPUnOEwwiukoyH7UTCV6MiHkzqREurtMVOa5bfE76D_ocupqLXdFqcjK-qnoXK2H4tgWhsfAvoAz93_Xb3yCXRXQCvc2nlBTFeuekb0FQ&post_logout_redirect_uri=https%3A%2F%2Ftenanta.ccalp.net&culture=en&ui-culture=en - - 2023-03-22 00:35:50.926 +00:00 [INF] No cached response available for this request. 2023-03-22 00:35:50.927 +00:00 [INF] The request URI matched a server endpoint: "Logout". 2023-03-22 00:35:50.927 +00:00 [INF] The logout request was successfully extracted: { "id_token_hint": "[redacted]", "post_logout_redirect_uri": "https://tenanta.ccalp.net", "culture": "en", "ui-culture": "en" }. 2023-03-22 00:35:51.001 +00:00 [WRN] The logout request was rejected because the identity token used as a hint was issued to a different client. 2023-03-22 00:35:51.001 +00:00 [INF] The response could not be cached for this request. 
2023-03-22 00:35:51.019 +00:00 [INF] Request finished HTTP/1.1 GET http://tenanta.api.ccalp.net/connect/logout?id_token_hint=eyJhbGciOiJSUzI1NiIsImtpZCI6IjBCRUIwRkE3QkJDQ0IwMEM1NDhDRkMxQUQwQkYxMUE0OERCMEZGN0QiLCJ4NXQiOiJDLXNQcDd2TXNBeFVqUHdhMEw4UnBJMndfMzAiLCJ0eXAiOiJKV1QifQ.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.IxqT1V0i71NTLrWujtDvIWLy9E-BIi6x278Q1m-ztGFJefi4TzoKYb0VgLNWy6GSGjTHsW6t_Dd0DaSuLg5Ulit6hWZEELOCwkKxA3-EiUCjaXQwKcRAJXLYyS6pAfptJTOOe_5LME-rYtbIYYrnGAc2efekGuO1FeayxJaFFACJ77AnySgssUUii3BmkhFRyhTyuiBCU-oH_SaZ7okVvMx2bUBeV05MM8NvjU3Q41PsbRPUnOEwwiukoyH7UTCV6MiHkzqREurtMVOa5bfE76D_ocupqLXdFqcjK-qnoXK2H4tgWhsfAvoAz93_Xb3yCXRXQCvc2nlBTFeuekb0FQ&post_logout_redirect_uri=https%3A%2F%2Ftenanta.ccalp.net&culture=en&ui-culture=en - - - 302 0 - 75.1705ms 2023-03-22 00:35:51.071 +00:00 [INF] Request starting HTTP/1.1 GET http://tenanta.api.ccalp.net/Error?httpStatusCode=400 - -

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    This PR will fix "The logout request was rejected because the identity token used as a hint was issued to a different client."

    https://github.com/abpframework/abp/pull/15898

    I will share a solution in 7.0.3, wait a minute.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    PreConfigure<OpenIddictServerBuilder>(builder =>
    {
        // Swap OpenIddict's built-in authorized-party check for the wildcard-aware handler below.
        builder.RemoveEventHandler(OpenIddictServerHandlers.Session.ValidateAuthorizedParty.Descriptor);
        builder.AddEventHandler(AbpValidateAuthorizedParty.Descriptor);
    });

    using System;
    using System.Threading.Tasks;
    using Microsoft.Extensions.Options;
    using OpenIddict.Abstractions;
    using OpenIddict.Server;
    using Volo.Abp;
    using Volo.Abp.OpenIddict.WildcardDomains;
    using Volo.Abp.Text.Formatting;
    namespace OpenIddict.Demo.Server;
    
    public class AbpValidateAuthorizedParty : IOpenIddictServerHandler<OpenIddictServerEvents.ValidateLogoutRequestContext>
    {
        public static OpenIddictServerHandlerDescriptor Descriptor { get; }
            = OpenIddictServerHandlerDescriptor.CreateBuilder<OpenIddictServerEvents.ValidateLogoutRequestContext>()
                .UseScopedHandler<AbpValidateAuthorizedParty>()
                .SetOrder(OpenIddictServerHandlers.Session.ValidateToken.Descriptor.Order + 1_000)
                .SetType(OpenIddictServerHandlerType.BuiltIn)
                .Build();
        protected AbpOpenIddictWildcardDomainOptions WildcardDomainOptions { get; }
        protected IOpenIddictApplicationManager ApplicationManager { get; }
    
        public AbpValidateAuthorizedParty(IOptions<AbpOpenIddictWildcardDomainOptions> wildcardDomainOptions,IOpenIddictApplicationManager applicationManager)
        {
            WildcardDomainOptions = wildcardDomainOptions.Value;
            ApplicationManager = applicationManager;
        }
    
        public async ValueTask HandleAsync(OpenIddictServerEvents.ValidateLogoutRequestContext context)
        {
            Check.NotNull(context, nameof(context));
            Check.NotNull(context.IdentityTokenHintPrincipal, nameof(context.IdentityTokenHintPrincipal));

            // A post_logout_redirect_uri that matches a configured wildcard format
            // skips the built-in authorized-party check.
            if (await CheckWildcardDomainAsync(context.PostLogoutRedirectUri))
            {
                return;
            }

            // Otherwise fall back to OpenIddict's own validation.
            await new OpenIddictServerHandlers.Session.ValidateAuthorizedParty(ApplicationManager).HandleAsync(context);
        }

        protected virtual Task<bool> CheckWildcardDomainAsync(string url)
        {
            // First pass: the URL matches a format with {0} filled in.
            foreach (var domainFormat in WildcardDomainOptions.WildcardDomainsFormat)
            {
                var extractResult = FormattedStringValueExtracter.Extract(url, domainFormat, ignoreCase: true);
                if (extractResult.IsMatch)
                {
                    return Task.FromResult(true);
                }
            }

            // Second pass: the URL equals a format with the "{0}." prefix removed (the host domain itself).
            foreach (var domainFormat in WildcardDomainOptions.WildcardDomainsFormat)
            {
                if (domainFormat.Replace("{0}.", "").Equals(url, StringComparison.OrdinalIgnoreCase))
                {
                    return Task.FromResult(true);
                }
            }

            return Task.FromResult(false);
        }
    }
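
Added example, not part of the thread and not ABP or OpenIddict code: because a wildcard match in the handler above bypasses the authorized-party check, the matching rule for `{0}` decides which logout redirects are accepted. The sketch below shows one stricter way to match a redirect URI against formats like `https://{0}.ccalp.net`, by parsing the URI and letting `{0}` stand for exactly one DNS label. `StrictWildcardRedirectMatcher`, `IsAllowed` and the sample URLs are hypothetical and constructed for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Text.RegularExpressions;

// Hypothetical helper (not an ABP/OpenIddict API): strict redirect-URI matching.
public static class StrictWildcardRedirectMatcher
{
    // Stand-in label substituted for {0} so the format itself parses as a URI.
    private const string Probe = "tenant-placeholder";

    // Exactly one DNS label: letters, digits, inner hyphens; no dots or slashes.
    private static readonly Regex TenantLabel =
        new Regex("^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$", RegexOptions.CultureInvariant);

    public static bool IsAllowed(string candidate, IEnumerable<string> formats)
    {
        if (!Uri.TryCreate(candidate, UriKind.Absolute, out var uri)) return false;

        // Redirect URIs carrying userinfo or a fragment are rejected outright.
        if (uri.UserInfo.Length > 0 || uri.Fragment.Length > 0) return false;

        foreach (var format in formats)
        {
            if (Matches(uri, format)) return true;
        }
        return false;
    }

    private static bool Matches(Uri uri, string format)
    {
        bool hasWildcard = format.Contains("{0}");
        if (!Uri.TryCreate(format.Replace("{0}", Probe), UriKind.Absolute, out var pattern))
            return false;

        // Scheme, port, path and query must be identical to the configured format.
        if (uri.Scheme != pattern.Scheme || uri.Port != pattern.Port) return false;
        if (!string.Equals(uri.AbsolutePath, pattern.AbsolutePath, StringComparison.Ordinal)) return false;
        if (uri.Query != pattern.Query) return false;

        var host = uri.IdnHost.ToLowerInvariant();
        var patternHost = pattern.IdnHost.ToLowerInvariant();
        if (!hasWildcard) return host == patternHost;

        // The wildcard is only honoured as the left-most host label ("{0}.").
        if (!patternHost.StartsWith(Probe + ".", StringComparison.Ordinal)) return false;
        var suffix = patternHost.Substring(Probe.Length);            // e.g. ".ccalp.net"
        if (!host.EndsWith(suffix, StringComparison.Ordinal)) return false;

        var label = host.Substring(0, host.Length - suffix.Length);  // e.g. "tenanta"
        return TenantLabel.IsMatch(label);
    }
}

public static class Program
{
    public static void Main()
    {
        // Formats taken from the thread's configuration.
        var formats = new[]
        {
            "https://ccalp.net",
            "https://{0}.ccalp.net",
            "https://{0}.ccalp.net/signout-callback-oidc",
        };

        // Constructed sample inputs.
        var samples = new[]
        {
            "https://tenanta.ccalp.net",                        // tenant subdomain
            "https://ccalp.net",                                // host domain, listed explicitly
            "https://tenanta.ccalp.net/signout-callback-oidc",  // tenant callback path
            "http://tenanta.ccalp.net",                         // scheme differs from the format
            "https://a.b.ccalp.net",                            // placeholder would span two labels
            "https://example.test/x.ccalp.net",                 // suffix appears in the path, not the host
            "https://tenanta.ccalp.net.example.test",           // format is only a prefix of the host
            "https://user@tenanta.ccalp.net",                   // userinfo present
        };

        foreach (var s in samples)
        {
            Console.WriteLine($"{StrictWildcardRedirectMatcher.IsAllowed(s, formats),-5} {s}");
        }
    }
}
```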
    
    
  • User Avatar
    0
    pablo@ccalp.net created

    Where do I need to add that code?

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    Your AuthServer project

Made with ❤️ on ABP v8.2.0-preview Updated on March 25, 2024, 15:11