Starts in:
2 DAYS
10 HRS
10 MIN
59 SEC
Starts in:
2 D
10 H
10 M
59 S
Open Closed

HOW TO AUTHENTICATE EXERNAL SSO TOKEN WITH ADMIN APIS #5427


User avatar
0
shijo created
  • ABP Framework version: v7.3.0

  • UI type: Angular

  • DB provider: EF Core

  • Tiered (MVC) or Auth Server Separated (Angular): yes

  • Exception message and stack trace:

  • Steps to reproduce the issue:"

    1. Client Application/Mobile app getting authorized and obtained token from External SSO Application
    2. API call initiated with the tenant and generated token

    How to configure extra authentication to validate this external token in abp api application ? Here is the sample flow diagram.


37 Answer(s)
  • User Avatar
    0
    shijo created

    TestApp.HttpApi.Host

    All APIs are in TestApp.HttpApi.Host, how to access API by external user? Strange thing is when I placed [Authorize(AuthenticationSchemes = "Bearer,jwt2")] in controller attribute api returning data and same thing when I placed in Service not working

  • User Avatar
    0
    shijo created

    Hi, Nothing is working out.

    See I want to switch users based on token claim data emailid, before calling the APIs, I think now that's user switching is not happening, and thats why API authorization is failing.

    When I am calling API, lifecycle is somethings like this

    1. https://localhost:44316/api/app/authors >>>
    2. AuthorsAppService constructor
    3. AuthorController constructor
    4. Task<PagedResultDto<AuthorDto>> GetListAsync(GetAuthorsInput input) in AuthorController
    5. TokenValidated(TokenValidatedContext context) in JWTToken validator
      • Inside here I am trying to switch user but not working
    6. Response 401 UnAuthorized ** service (AuthorsAppService) layer method not calling at all
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    I can check it remotely. My time zone is utc+8.

  • User Avatar
    0
    shijo created

    hi

    I can check it remotely. My time zone is utc+8.

    I have teamviewer, can you access ?? Let me know your convenient time, I am available any time.

  • User Avatar
    0
    shijo created

    Hi, Can you update me on this, the task is bit urgent

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    I can check it remotely tomorrow.

    UTC+8 9:00-12:00 13:00-18:00

    You can email me liming.ma@volosoft.com

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    You can keep testing it and give feedback here.

  • User Avatar
    0
    shijo created

    hi

    You can keep testing it and give feedback here.

    Working fine, I mapped the role in admin to give permission to access the APIs.

    One more question, Is that a good approach to check user availability from db on the token-validated event?

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    You can add your code to:

    app.Use(async (ctx, next) =>
    {
        if (ctx.User.Identity?.IsAuthenticated != true)
        {
            var result = await ctx.AuthenticateAsync("jwt2");
            if (result.Succeeded && result.Principal != null)
            {
                // add your logic
                ctx.User = result.Principal;
                // add your logic
    
            }
        }
    
        await next();
    });
            
    
  • User Avatar
    0
    shijo created

    hi

    You can add your code to:

    app.Use(async (ctx, next) => 
    { 
        if (ctx.User.Identity?.IsAuthenticated != true) 
        { 
            var result = await ctx.AuthenticateAsync("jwt2"); 
            if (result.Succeeded && result.Principal != null) 
            { 
                // add your logic 
                ctx.User = result.Principal; 
                // add your logic 
     
            } 
        } 
     
        await next(); 
    }); 
             
    

    Production environment _currentTenant is null inside TokenValidated method, locally I am getting the value what could be the reason?

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    Maybe the cookies are different in local and production.

    https://docs.abp.io/en/abp/latest/Multi-Tenancy#default-tenant-resolvers

  • User Avatar
    0
    shijo created

    Issue solved, Thanks for your support

Made with ❤️ on ABP v9.1.0-preview. Updated on November 20, 2024, 13:06