Hi ABP Support Team! We a using abp commercial
UI framework: angular
ABP Version: 7.3.2
Data access: MongoDB
Deployment: Azure Kubenetes Service
Template type: Application template, separate Authen Project
Currently, I'm Following and configured in angular application with document: https://docs.abp.io/en/abp/latest/UI/Angular/Multi-Tenancy
When access to host tenant, it is working, however when access on tenant, it is not working. It cannot resolver issuer domain. Can you help me for this? I think because the Authen project has set config issuer domain, is that the problem?
Here is the configmap authen:
Here is the configmap angular:
Here is the configmap Host project:
Here is the configmap Authproject:
56 Answer(s)
-
0
Hi mahmut.gundogdu! Can you help me for this?
-
0
Hi mahmut.gundogdu! Can you help me for this?
Hi I am trying to produce.I have produced. In my senario, the backend did not resolve the tenant. So I am looking the issue. I will send the solution.
-
0
Hi mahmut.gundogdu!
Can you help me for this?Hi I am trying to produce.I have produced. In my senario, the backend did not resolve the tenant. So I am looking the issue. I will send the solution.
I'm looking forward to your response! Thank you verry much!
-
0
Hi mahmut.gundogdu Currentlt, I'm using PreConfigure with AbpOpenIddictWildcardDomainOptions. when access to tenant, It is woking resolver issuer with current tenant, However it is not https protocol.
code is my solution:
do you think it work? -
0
hi
I will confirm this. : )
-
0
You can try only to keep one domain, It works for me.
-
0
Hi maliming!
In my case, api server are working as expected However, angular from tenant cannot resolve issuer domain. Please support me about this case
Here the configure in Angular application:
-
0
hi
The below JSON response means the tenant resolves is works. Can you share an online website URL so we can test it online?
-
0
Hi maliming! I send for you my domain information.
host : ticoplatform.com tenant: ticogroup.com
-
0
What is the angular url?
I need to reproduce the issue.
-
0
this is angular url: host : https://ticoplatform.com tenant: https://ticogroup.com
-
0
btw you can only call
AddDomainTenantResolveronce. Otherwise one of them will not work -
0
Hi maliming! Can you explain it to me in more detail?
-
0
The
DomainTenantResolveContributoralways breaks the resolve process. It always has a tenant value.So the second one will not be working anymore.
https://github.com/abpframework/abp/blob/dev/framework/src/Volo.Abp.AspNetCore.MultiTenancy/Volo/Abp/AspNetCore/MultiTenancy/DomainTenantResolveContributor.cs#L36
You can add your
DomainTenantResolveContributorto change this behavior. -
0
Hi maliming! Yea, I added custom resolver domain class
Here is the my code:
Can you help me see it?
-
0
hi
The key point is: If you confirm you have found a valid tenant, then set
context.Handled = true;and return a tenant name. -
0
Hi maliming! Yea, I'm sure Handle variable has set value equals true and return a tenant name.
You can see the screen shot!
-
0
Hi maliming! I add this like below code. But I'm having problem on anglar application. Still the same problem I mentioned above.
Can you help me for this?
-
0
hi
You don't need to clear all the resolvers.
You can add your
ContributorafterCurrentUserTenantResolveContributoroptions.TenantResolvers.InsertAfter( r => r is CurrentUserTenantResolveContributor, new DomainTenantResolveContributor(domainFormat) );Please output some logs in your
Contributorthen check the logs to see what happened. -
0
Hi maliming Before, I used Template Application when crete solution with single tenant. When angular application get API /.well-known/openid-configuration, the reponse is urls
example:
"issuer": "http://testing-auth.ticogroup.com/", "authorization_endpoint": "http://testing-auth.ticogroup.com/connect/authorize", "token_endpoint": "http://testing-auth.ticogroup.com/connect/token", "introspection_endpoint": "http://testing-auth.ticogroup.com/connect/introspect", "end_session_endpoint": "http://testing-auth.ticogroup.com/connect/logout", "revocation_endpoint": "http://testing-auth.ticogroup.com/connect/revocat", "userinfo_endpoint": "http://testing-auth.ticogroup.com/connect/userinfo", "device_authorization_endpoint": "http://testing-auth.ticogroup.com/device", "jwks_uri": "http://testing-auth.ticogroup.com/.well-known/jwks",
As you see, all url have http protocol. So I configure PreConfigure OpenIddictServerBuilder to set fixed value urls with https protocol
Here is the my code:
builder .SetAuthorizationEndpointUris(configuration["AuthServer:Authority"] + "/connect/authorize", "/connect/authorize", configuration["AuthServer:Authority"] + "/connect/authorize/callback", "/connect/authorize/callback") // /.well-known/oauth-authorization-server // /.well-known/openid-configuration //.SetConfigurationEndpointUris() // /.well-known/jwks .SetCryptographyEndpointUris(configuration["AuthServer:Authority"] + "/.well-known/jwks", "/.well-known/jwks") .SetDeviceEndpointUris(configuration["AuthServer:Authority"] + "/device", "/device") .SetIntrospectionEndpointUris(configuration["AuthServer:Authority"] + "/connect/introspect", "/connect/introspect") .SetLogoutEndpointUris(configuration["AuthServer:Authority"] + "/connect/logout", "/connect/logout") .SetRevocationEndpointUris(configuration["AuthServer:Authority"] + "/connect/revocat", "/connect/revocat") .SetTokenEndpointUris(configuration["AuthServer:Authority"] + "/connect/token", "/connect/token") .SetUserinfoEndpointUris(configuration["AuthServer:Authority"] + "/connect/userinfo", "/connect/userinfo") .SetVerificationEndpointUris(configuration["AuthServer:Authority"] + "/connect/verify", "/connect/verify");
Currently, My Project is implementing multiteancy and resolver tenant with domain.
Host: angualr: https://ticoplatform.com authen: https://testing-auth.ticoplatform.com api: https://testing-api.ticoplatform.com
tenant: angualr: https://ticogroup.com authen: https://testing-auth.ticogroup.com api: https://testing-api.ticogroup.com
So above code cannot work, Because above code has fixed value. Can you guild for me any solution for automatic resolve value with tenant and https protocol. Because domain not contains https protocol the angular application have blocked domain.
-
0
hi
As you see, all url have http protocol.
You can add a middleware force set the scheme as
httpsapp.Use((httpContext, next) => { httpContext.Request.Scheme = "https"; return next(); }); -
0
Hi maliming! Thank you for supporting me! My Authen service can automaticaly resolve issuer with tenant name and protocol is https But I cannot login on tenant (angular application). After that login successfully, you can see API get token is successfully. But I cannot redirect to home page on angular application.
Host: angualr: https://ticoplatform.com authen: https://testing-auth.ticoplatform.com api: https://testing-api.ticoplatform.com tenant: angualr: https://ticogroup.com authen: https://testing-auth.ticogroup.com api: https://testing-api.ticogroup.com
In Opposite, Host tenant has login successfully and redirect to home page of angular application.
Can you help me for this?
-
0
Hi maliming! Can you help me for this? I need this part urgently!
-
0
hi
The token has returned, I guess this is an angular issue. Our angular team will reply to you ASAP. : )
-
0
Thanks for maliming! I Looking forward to angular team response!
