Open Closed

Tenant Resolver issue in Azure #7346


User avatar
0
n.uerkmez created
  • ABP Framework version: v8.1.3
  • UI Type: Angular
  • Database System: EF Core (SQL Server, Oracle, MySQL, PostgreSQL, etc..)
  • Tiered (for MVC) or Auth Server Separated (for Angular): yes
  • Exception message and full stack trace:
  • Steps to reproduce the issue:

1 separate auth server (linux), 1 static web application, 1 host api (linux), 1 hostapi (windows) on Azure platform. xxx is a subdomain under** immo-prov.de **of doamin

https://xxx.immo-prov.de => (angular application) https://xxx.auth-server.immo-prov.de =>(auth server) https://xxx.api.immo-prov.de=> (host api) https://xxx.api-win.immo-prov.de=> (host windows api)

I can log in from Swagger and Authserver interface, but Angular UI unfortunately requests serially to authserver requests. Token is trying to validate https://auth-server.immo-prov.de instead of https://xxx.auth-server.immoprov.de.

/.well-known/openid-configuration result is as follows issuer: "https://auth-server.immo-prov.de/" has no xxx subdomain whereas he rests have.

issuer: "https://auth-server.immo-prov.de/", authorization_endpoint: "https://xxx.auth-server.immo-prov.de/connect/authorize", token_endpoint: "https://xxx.auth-server.immo-prov.de/connect/token", introspection_endpoint: "https://xxx.auth-server.immo-prov.de/connect/introspect", end_session_endpoint: "https://xxx.auth-server.immo-prov.de/connect/logout", revocation_endpoint: "https://xxx.auth-server.immo-prov.de/connect/revocat", userinfo_endpoint: "https://xxx.auth-server.immo-prov.de/connect/userinfo", device_authorization_endpoint: "https://xxx.auth-server.immo-prov.de/device", jwks_uri: "https://xxx.auth-server.immo-prov.de/.well-known/jwks",

I need a solution as soon as possible.

Since 2 days I have been reading your documents. Unfortunately, I could not find a solution. If possible you can connect with remote access and analyze the problem.

I really appreciate any help you can provide.

Best Regards


27 Answer(s)
  • User Avatar
    0
    n.uerkmez created

    Urgent!

  • User Avatar
    0
    n.uerkmez created

    I've solved the problem for the time being. If I reencounter it, I'll reopen the ticket. But for now, please refund my ticket.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    Your ticket has been refunded.

  • User Avatar
    0
    n.uerkmez created

    Thanks

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    : )

  • User Avatar
    0
    n.uerkmez created

    Hi, How can Swagger's authority be set dynamically based on the subdomain like demo1.authserver.mydomain.com or demo2.authserver.mydomain.com instead of authserver.mydomain.com? Otherwise, it gets an access token always for the host regardless of tenant subdomain name(demo1, demo2).

    private static void ConfigureSwagger(ServiceConfigurationContext context, IConfiguration configuration)
    {
     
    
        context.Services.AddAbpSwaggerGenWithOAuth(
           ** configuration["AuthServer:Authority"])!,**
            new Dictionary<string, string>
            {
                    {"DemoMultitenant", "DemoMultitenant API"}
            },
            options =>
            {
                options.SwaggerDoc("v1", new OpenApiInfo { Title = "DemoMultitenant API", Version = "v1" });
                options.DocInclusionPredicate((docName, description) => true);
                options.CustomSchemaIds(type => type.FullName);
                options.HideAbpEndpoints();
                options.IgnoreObsoleteActions();
                options.IgnoreObsoleteProperties();
            });
    }
    
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    We have a PR to fix this https://github.com/abpframework/abp/pull/18355

    The AuthServer:Authority value should be like this:

    https://{0}.authserver.mystore.dev
    https://{{tenantName}}.authserver.mystore.dev
    https://{{tenantId}}.authserver.mystore.dev
    
  • User Avatar
    0
    n.uerkmez created

    I got the following error if I used any of these formats instead.

    Error : any on System.UriFormatException: Invalid URI: The hostname could not be parsed.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    What's the value of $"authority.TrimEnd('/')}{authorizationEndpoint.EnsureStartswith('/')} ?

  • User Avatar
    0
    n.uerkmez created

    $"authority.TrimEnd('/')}{authorizationEndpoint.EnsureStartswith('/')}

    Respectively authorization URL and token Url as follows;

    http://{0}.authserver.immoprov.local:44319/connect/authorize

    http://{0}.authserver.immoprov.local:44319/connect/token

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    We will fix the AddAbpSwaggerGenWithOAuth method.

    You can replace the abp.swagger.js and replace your tenant domain now.

    https://github.com/abpframework/abp/blob/dev/framework/src/Volo.Abp.Swashbuckle/wwwroot/swagger/ui/abp.swagger.js#L35 https://github.com/abpframework/abp/blob/dev/framework/src/Volo.Abp.Swashbuckle/wwwroot/swagger/ui/abp.swagger.js#L42

    Put the abp.swagger.js file in wwwroot/swagger/ui

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    https://github.com/abpframework/abp/pull/20068

  • User Avatar
    0
    n.uerkmez created

    Thanks for your answer. However, I have already implemented this solution before reopening this ticket. The issue is if I use any of the below format for AuthServer:Authority

    https://{0}.authserver.mystore.dev https://{{tenantName}}.authserver.mystore.dev https://{{tenantId}}.authserver.mystore.dev

    Everything works for Angular + Host API + Separated Auth Server with a subdomain, except Swagger. **context.Services.AddAbpSwaggerGenWithOAuth has failed. ** How can I resolve the parsing URI issue?

    Volo.Abp.AbpInitializationException: An error occurred during ConfigureServicesAsync phase of the module ImmoProv.ImmoProvHttpApiHostModule, ImmoProv.HttpApi.Host, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null. See the inner exception for details. ---> System.UriFormatException: Invalid URI: The hostname could not be parsed. at System.Uri.CreateThis(String uri, Boolean dontEscape, UriKind uriKind, UriCreationOptions& creationOptions) at System.Uri..ctor(String uriString) at Microsoft.Extensions.DependencyInjection.AbpSwaggerGenServiceCollectionExtensions.AddAbpSwaggerGenWithOAuth(IServiceCollection services, String authority, Dictionary2 scopes, Action1 setupAction, String authorizationEndpoint, String tokenEndpoint) at ImmoProv.ImmoProvHttpApiHostModule.ConfigureSwagger(ServiceConfigurationContext context, IConfiguration configuration) in C:\Projects\ImmoProv\aspnet-core\src\ImmoProv.HttpApi.Host\ImmoProvHttpApiHostModule.cs:line 288 at ImmoProv.ImmoProvHttpApiHostModule.ConfigureServices(ServiceConfigurationContext context) in C:\Projects\ImmoProv\aspnet-core\src\ImmoProv.HttpApi.Host\ImmoProvHttpApiHostModule.cs:line 118 at Volo.Abp.Modularity.AbpModule.ConfigureServicesAsync(ServiceConfigurationContext context) at Volo.Abp.AbpApplicationBase.ConfigureServicesAsync() --- End of inner exception stack trace --- at Volo.Abp.AbpApplicationBase.ConfigureServicesAsync() at Volo.Abp.AbpApplicationFactory.CreateAsync[TStartupModule](IServiceCollection services, Action1 optionsAction) at Microsoft.Extensions.DependencyInjection.ServiceCollectionApplicationExtensions.AddApplicationAsync[TStartupModule](IServiceCollection services, Action1 optionsAction) at Microsoft.Extensions.DependencyInjection.WebApplicationBuilderExtensions.AddApplicationAsync[TStartupModule](WebApplicationBuilder builder, Action`1 optionsAction) at ImmoProv.Program.Main(String[] args) in C:\Projects\ImmoProv\aspnet-core\src\ImmoProv.HttpApi.Host\Program.cs:line 49

  • User Avatar
    0
    n.uerkmez created

    Thanks for your answer. However, I have already implemented this solution before reopening this ticket. The issue is if I use any of the below format for AuthServer:Authority

    https://{0}.authserver.mystore.dev https://{{tenantName}}.authserver.mystore.dev https://{{tenantId}}.authserver.mystore.dev

    Everything works for Angular + Host API + Separated Auth Server with a subdomain, except Swagger. **context.Services.AddAbpSwaggerGenWithOAuth has failed. ** How can I resolve the parsing URI issue?

    Volo.Abp.AbpInitializationException: An error occurred during ConfigureServicesAsync phase of the module ImmoProv.ImmoProvHttpApiHostModule, ImmoProv.HttpApi.Host, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null. See the inner exception for details. ---> System.UriFormatException: Invalid URI: The hostname could not be parsed. at System.Uri.CreateThis(String uri, Boolean dontEscape, UriKind uriKind, UriCreationOptions& creationOptions) at System.Uri..ctor(String uriString) at Microsoft.Extensions.DependencyInjection.AbpSwaggerGenServiceCollectionExtensions.AddAbpSwaggerGenWithOAuth(IServiceCollection services, String authority, Dictionary2 scopes, Action1 setupAction, String authorizationEndpoint, String tokenEndpoint) at ImmoProv.ImmoProvHttpApiHostModule.ConfigureSwagger(ServiceConfigurationContext context, IConfiguration configuration) in C:\Projects\ImmoProv\aspnet-core\src\ImmoProv.HttpApi.Host\ImmoProvHttpApiHostModule.cs:line 288 at ImmoProv.ImmoProvHttpApiHostModule.ConfigureServices(ServiceConfigurationContext context) in C:\Projects\ImmoProv\aspnet-core\src\ImmoProv.HttpApi.Host\ImmoProvHttpApiHostModule.cs:line 118 at Volo.Abp.Modularity.AbpModule.ConfigureServicesAsync(ServiceConfigurationContext context) at Volo.Abp.AbpApplicationBase.ConfigureServicesAsync() --- End of inner exception stack trace --- at Volo.Abp.AbpApplicationBase.ConfigureServicesAsync() at Volo.Abp.AbpApplicationFactory.CreateAsync[TStartupModule](IServiceCollection services, Action1 optionsAction) at Microsoft.Extensions.DependencyInjection.ServiceCollectionApplicationExtensions.AddApplicationAsync[TStartupModule](IServiceCollection services, Action1 optionsAction) at Microsoft.Extensions.DependencyInjection.WebApplicationBuilderExtensions.AddApplicationAsync[TStartupModule](WebApplicationBuilder builder, Action`1 optionsAction) at ImmoProv.Program.Main(String[] args) in C:\Projects\ImmoProv\aspnet-core\src\ImmoProv.HttpApi.Host\Program.cs:line 49

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    Can you apply the code from this PR https://github.com/abpframework/abp/pull/20068/files

  • User Avatar
    0
    n.uerkmez created

    How can I find and override the file? It is not in my project file (framework/src/Volo.Abp.Swashbuckle/Microsoft/Extensions/DependencyInjection/AbpSwaggerGenServiceCollectionExtensions.cs)

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    This is a static class. You can copy it to your project, rename it, and then call it.

  • User Avatar
    0
    n.uerkmez created

    I have applied it however, there is no progress. It is still working only for the host tenant regardless of the subdomain. Could you provide me a working sample for the separated authserver ? I want to see how ....HttpApiHostModule.cs is implemented in this regards

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    Have you replaced the abp.swagger.js file?

  • User Avatar
    0
    n.uerkmez created

    Yes

  • User Avatar
    0
    n.uerkmez created

    No available authorization if I replaced AddAbpSwaggerGenWithOAuth with AddAbpSwaggerGenWithOidc method in the HttpApiHostModule.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    Can you add some custom string to abp.swagger.js and browse it? https://localhost:44305/swagger/ui/abp.swagger.js

    Make sure your customized abp.swagger.js is replaced.

  • User Avatar
    0
    n.uerkmez created

    Thanks. That works locally. Let me try in Azure as well. I will let you know if that fails.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    excellent!

Made with ❤️ on ABP v9.1.0-preview. Updated on November 01, 2024, 05:35