Docker local deploy #7497

30 Answer(s)

• 

  0

  maliming created 4 months ago

  Support Team Fullstack Developer

  hi

  {
      "error": "invalid_request",
      "error_description": "This server only accepts HTTPS requests.",
      "error_uri": "https://documentation.openiddict.com/errors/ID2083"
  }
  

  Can you try to DisableTransportSecurityRequirement

  Configure<OpenIddictServerAspNetCoreOptions>(options =>
  {
      options.DisableTransportSecurityRequirement = true;
  });
  

  Save Cancel
• 

  0

  jmalla.cp created 4 months ago

  Hi,

  Is this configuration correct in produccion mode?

  Save Cancel
• 

  0

  maliming created 4 months ago

  Support Team Fullstack Developer

  hi

  If you can use https://webapp-authserver in your environment you don't need it.

  Save Cancel
• 

  0

  jmalla.cp created 4 months ago

  Hi,

  Now I get this error:

  2024-07-15 06:58:25.544 +00:00 [ERR] [] [] Exception occurred while processing message. Microsoft.IdentityModel.Tokens.SecurityTokenInvalidIssuerException: IDX10205: Issuer validation failed. Issuer: 'https://pc01:44334/'. Did not match: validationParameters.ValidIssuer: 'null' or validationParameters.ValidIssuers: 'http://webapp-authserver/'. at Microsoft.IdentityModel.Tokens.Validators.ValidateIssuer(String issuer, SecurityToken securityToken, TokenValidationParameters validationParameters) at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateIssuer(String issuer, JwtSecurityToken jwtToken, TokenValidationParameters validationParameters) at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateTokenPayload(JwtSecurityToken jwtToken, TokenValidationParameters validationParameters) at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateToken(String token, TokenValidationParameters validationParameters, SecurityToken& validatedToken) at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.ValidateToken(String idToken, AuthenticationProperties properties, TokenValidationParameters validationParameters, JwtSecurityToken& jwt) at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleRemoteAuthenticateAsync() 2024-07-15 06:58:25.545 +00:00 [ERR] [] [] An unhandled exception has occurred while executing the request. System.Exception: An error was encountered while handling the remote login. ---> Microsoft.IdentityModel.Tokens.SecurityTokenInvalidIssuerException: IDX10205: Issuer validation failed. Issuer: 'https://pc01:44334/'. Did not match: validationParameters.ValidIssuer: 'null' or validationParameters.ValidIssuers: 'http://webapp-authserver/'. at Microsoft.IdentityModel.Tokens.Validators.ValidateIssuer(String issuer, SecurityToken securityToken, TokenValidationParameters validationParameters) at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateIssuer(String issuer, JwtSecurityToken jwtToken, TokenValidationParameters validationParameters) at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateTokenPayload(JwtSecurityToken jwtToken, TokenValidationParameters validationParameters) at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateToken(String token, TokenValidationParameters validationParameters, SecurityToken& validatedToken) at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.ValidateToken(String idToken, AuthenticationProperties properties, TokenValidationParameters validationParameters, JwtSecurityToken& jwt) at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleRemoteAuthenticateAsync() --- End of inner exception stack trace --- at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler`1.HandleRequestAsync() at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context) at Volo.Abp.AspNetCore.Security.AbpSecurityHeadersMiddleware.InvokeAsync(HttpContext context, RequestDelegate next) at Microsoft.AspNetCore.Builder.UseMiddlewareExtensions.<>c__DisplayClass6_1.<

  Save Cancel
• 

  0

  maliming created 4 months ago

  Support Team Fullstack Developer

  hi

  Can you use HTTPS in your docker?

  Using HTTP will require some extra work.

  eg:

  SameSite problem

  The required antiforgery request token was not provided in either form field "__RequestVerificationToken" or header value "RequestVerificationToken".

  Save Cancel
• 

  0

  jmalla.cp created 4 months ago

  Hi,

  Yes, I can use HTTPS. How do I configure it?

  Save Cancel
• 

  0

  maliming created 4 months ago

  Support Team Fullstack Developer

  hi

  I'm not familiar with docker(docker-compose).

  Save Cancel
• 

  0

  jmalla.cp created 4 months ago

  Hi,

  And this exception is related about the same issue?

  2024-07-15 07:08:07.125 +00:00 [ERR] [] [] An unhandled exception has occurred while executing the request. System.InvalidOperationException: IDX20803: Unable to obtain configuration from: 'System.String'. ---> System.IO.IOException: IDX20804: Unable to retrieve document from: 'System.String'. ---> System.Net.Http.HttpRequestException: Cannot assign requested address (pc01:44334) ---> System.Net.Sockets.SocketException (99): Cannot assign requested address at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.ThrowException(SocketError error, CancellationToken cancellationToken) at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.System.Threading.Tasks.Sources.IValueTaskSource.GetResult(Int16 token) at System.Net.Sockets.Socket.<ConnectAsync>g__WaitForConnectWithCancellation|277_0(AwaitableSocketAsyncEventArgs saea, ValueTask connectTask, CancellationToken cancellationToken) at System.Net.Http.HttpConnectionPool.ConnectToTcpHostAsync(String host, Int32 port, HttpRequestMessage initialRequest, Boolean async, CancellationToken cancellationToken) --- End of inner exception stack trace --- at System.Net.Http.HttpConnectionPool.ConnectToTcpHostAsync(String host, Int32 port, HttpRequestMessage initialRequest, Boolean async, CancellationToken cancellationToken) at System.Net.Http.HttpConnectionPool.ConnectAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken) at System.Net.Http.HttpConnectionPool.CreateHttp11ConnectionAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken) at System.Net.Http.HttpConnectionPool.AddHttp11ConnectionAsync(HttpRequestMessage request) at System.Threading.Tasks.TaskCompletionSourceWithCancellation1.WaitWithCancellationAsync(CancellationToken cancellationToken) at System.Net.Http.HttpConnectionPool.GetHttp11ConnectionAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken) at System.Net.Http.HttpConnectionPool.SendWithVersionDetectionAndRetryAsync(HttpRequestMessage request, Boolean async, Boolean doRequestAuth, CancellationToken cancellationToken) at System.Net.Http.DiagnosticsHandler.SendAsyncCore(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken) at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken) at System.Net.Http.HttpClient.<SendAsync>g__Core|83_0(HttpRequestMessage request, HttpCompletionOption completionOption, CancellationTokenSource cts, Boolean disposeCts, CancellationTokenSource pendingRequestsCts, CancellationToken originalCancellationToken) at Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(String address, CancellationToken cancel) --- End of inner exception stack trace --- at Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(String address, CancellationToken cancel) at Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfigurationRetriever.GetAsync(String address, IDocumentRetriever retriever, CancellationToken cancel) at Microsoft.IdentityModel.Protocols.ConfigurationManager1.GetConfigurationAsync(CancellationToken cancel) --- End of inner exception stack trace --- at Microsoft.IdentityModel.Protocols.ConfigurationManager1.GetConfigurationAsync(CancellationToken cancel) at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleChallengeAsyncInternal(AuthenticationProperties properties) at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleChallengeAsync(AuthenticationProperties properties) at Microsoft.AspNetCore.Authentication.AuthenticationHandler1.ChallengeAsync(AuthenticationProperties properties) at Microsoft.AspNetCore.Authentication.AuthenticationService.ChallengeAsync(HttpContext context, String scheme, AuthenticationProperties properties) at Microsoft.AspNetCore.Authorization.Policy.AuthorizationMiddlewareResultHandler.HandleAsync(RequestDelegate next, HttpContext context, AuthorizationPolicy policy, PolicyAuthorizationResult authorizeResult) at Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(HttpContext context) at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context) at Volo.Abp.AspNetCore.Security.AbpSecurityHeadersMiddleware.InvokeAsync(HttpContext context, RequestDelegate next) at Microsoft.AspNetCore.Builder.UseMiddlewareExtensions.<>c__DisplayClass6_1.<<UseMiddlewareInterface>b__1>d.MoveNext() --- End of stack trace from previous location --- at Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware.<Invoke>g__Awaited|6_0(ExceptionHandlerMiddleware middleware, HttpContext context, Task task)

  Save Cancel
• 

  0

  maliming created 4 months ago

  Support Team Fullstack Developer

  hi

  Unable to obtain configuration from: 'System.String'.

  Set ShowPII to true to see the details logs.

  IdentityModelEventSource.ShowPII = true;

  https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/wiki/PII

  Save Cancel
• 

  0

  jmalla.cp created 4 months ago

  Could someone help me with the correct configuration of Docker Compose?

  Save Cancel
• 

  0

  maliming created 4 months ago

  Support Team Fullstack Developer

  hi

  You can check the resource from:

  https://learn.microsoft.com/en-us/aspnet/core/security/docker-compose-https?view=aspnetcore-8.0 https://www.google.com/search?q=asp+net+core+docker+compose+https

  Save Cancel
• 

  0

  jmalla.cp created 4 months ago

  Hi,

  Could you give me information in more detail about the environment parameters of docker services in abp framework 6.0 versión.

  Save Cancel
• 

  0

  maliming created 4 months ago

  Support Team Fullstack Developer

  hi

  What do you mean environment parameters ?

  Save Cancel
• 

  0

  jmalla.cp created 4 months ago

  version: '3.7'

  services: webapp-web: image: cincaporc/webapp-web:latest container_name: webapp-web build: context: ../../ dockerfile: src/Cincaporc.WebApp.Web/Dockerfile.local environment: - ASPNETCORE_URLS=https://+:443;http://+:80; - Kestrel__Certificates__Default__Path=/root/certificate/localhost.pfx - Kestrel__Certificates__Default__Password=91f91912-5ab0-49df-8166-23377efaf3cc - App__SelfUrl=https://localhost:44353 - AuthServer__RequireHttpsMetadata=false - AuthServer__IsContainerizedOnLocalhost=true - AuthServer__MetaAddress=http://webapp-identity-server - AuthServer__Authority=https://localhost:44334 - RemoteServices__Default__BaseUrl=http://webapp-api - RemoteServices__AbpAccountPublic__BaseUrl=http://webapp-identity-server - App__MVCPublicUrl=https://localhost:44306 - ConnectionStrings__Default=Data Source=sql-server;Initial Catalog=WebApp;User Id=sa;Password=myPassw0rd;MultipleActiveResultSets=true;Persist Security Info=True; - Redis__Configuration=redis ports: - "44353:443" depends_on: - webapp-api restart: on-failure volumes: - ./certs:/root/certificate networks: - abp-network

  webapp-api: image: cincaporc/webapp-api:latest container_name: webapp-api build: context: ../../ dockerfile: src/Cincaporc.WebApp.HttpApi.Host/Dockerfile.local environment: - ASPNETCORE_URLS=https://+:443;http://+:80; - Kestrel__Certificates__Default__Path=/root/certificate/localhost.pfx - Kestrel__Certificates__Default__Password=91f91912-5ab0-49df-8166-23377efaf3cc - App__SelfUrl=https://localhost:44354 - AuthServer__RequireHttpsMetadata=false - AuthServer__Authority=http://webapp-identity-server - App__MVCPublicUrl=https://localhost:44306 - ConnectionStrings__Default=Data Source=sql-server;Initial Catalog=WebApp;User Id=sa;Password=myPassw0rd;MultipleActiveResultSets=true;Persist Security Info=True; - Redis__Configuration=redis ports: - "44354:443" depends_on: sql-server: condition: service_healthy redis: condition: service_healthy restart: on-failure volumes: - ./certs:/root/certificate networks: - abp-network

  webapp-authserver: image: cincaporc/webapp-authserver:latest container_name: webapp-authserver build: context: ../../ dockerfile: src/Cincaporc.WebApp.AuthServer/Dockerfile.local environment: - ASPNETCORE_URLS=https://+:443;http://+:80; - App__SelfUrl=https://localhost:44334 - App__CorsOrigins=https://localhost:44353,https://localhost:44354 - AuthServer__RequireHttpsMetadata=false - AuthServer__Authority=http://webapp-authserver - AuthServer__SetSelfAsIssuer=true - Kestrel__Certificates__Default__Path=/root/certificate/localhost.pfx - Kestrel__Certificates__Default__Password=91f91912-5ab0-49df-8166-23377efaf3cc - ConnectionStrings__Default=Data Source=sql-server;Initial Catalog=WebApp;User Id=sa;Password=myPassw0rd;MultipleActiveResultSets=true;Persist Security Info=True; - Redis__Configuration=redis ports: - "44334:443" depends_on: sql-server: condition: service_healthy redis: condition: service_healthy restart: on-failure volumes: - ./certs:/root/certificate networks: - abp-network

  db-migrator: image: cincaporc/webapp-db-migrator:latest container_name: db-migrator build: context: ../../ dockerfile: src/WebApp.DbMigrator/Dockerfile.local environment: - IdentityServer__Clients__WebApp_Web__RootUrl=https://localhost:44353 - IdentityServer__Clients__WebApp_Swagger__RootUrl=https://localhost:44354 - ConnectionStrings__Default=Data Source=sql-server;Initial Catalog=WebApp;User Id=sa;Password=myPassw0rd;MultipleActiveResultSets=true;Persist Security Info=True; depends_on: sql-server: condition: service_healthy networks: - abp-network

  sql-server: container_name: sql-server image: mcr.microsoft.com/mssql/server:2019-latest ports: - "1434:1433" environment: SA_PASSWORD: "myPassw0rd" ACCEPT_EULA: "Y" volumes: - sqldata:/var/opt/mssql networks: - abp-network healthcheck: test: /opt/mssql-tools/bin/sqlcmd -S sql-server -U sa -P "myPassw0rd" -Q "SELECT 1" -b -o /dev/null interval: 10s timeout: 3s retries: 10 start_period: 10s redis: container_name: redis image: redis:alpine ports: - "6379:6379" networks: - abp-network healthcheck: test: ["CMD", "redis-cli","ping"] volumes: sqldata: name: webapp_sqldata networks: abp-network: name: webapp-network driver: bridge

  Save Cancel
• 

  0

  maliming created 4 months ago

  Support Team Fullstack Developer

  hi

  You can create a new template project and check the etc folder.

  

  Save Cancel
• 

  0

  jmalla.cp created 4 months ago

  Hi,

  I Copied the docker-compose from a new project but I get this error accessing the web project.

  2024-07-19 13:15:17.747 +00:00 [ERR] [] [] An unhandled exception has occurred while executing the request. System.InvalidOperationException: IDX20803: Unable to obtain configuration from: 'https://extranetapp.cinca.porc01:44334/.well-known/openid-configuration'. at Microsoft.IdentityModel.Protocols.ConfigurationManager1.GetConfigurationAsync(CancellationToken cancel) at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleChallengeAsyncInternal(AuthenticationProperties properties) at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleChallengeAsync(AuthenticationProperties properties) at Microsoft.AspNetCore.Authentication.AuthenticationHandler1.ChallengeAsync(AuthenticationProperties properties) at Microsoft.AspNetCore.Authentication.AuthenticationService.ChallengeAsync(HttpContext context, String scheme, AuthenticationProperties properties) at Microsoft.AspNetCore.Authorization.Policy.AuthorizationMiddlewareResultHandler.HandleAsync(RequestDelegate next, HttpContext context, AuthorizationPolicy policy, PolicyAuthorizationResult authorizeResult) at Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(HttpContext context) at Cincaporc.WebApp.Middleware.Logging.SessionLoggingMiddleware.InvokeAsync(HttpContext context, RequestDelegate next) in C:\Users\jmalla.CINCA\source\repos\Cincaporc\Cincaporc.WebApp\src\Cincaporc.WebApp.Middleware\Logging\SessionLoggingMiddleware.cs:line 23 at Microsoft.AspNetCore.Builder.UseMiddlewareExtensions.<>c__DisplayClass6_1.<<UseMiddlewareInterface>b__1>d.MoveNext() --- End of stack trace from previous location --- at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context) at Volo.Abp.AspNetCore.Security.AbpSecurityHeadersMiddleware.InvokeAsync(HttpContext context, RequestDelegate next) at Microsoft.AspNetCore.Builder.UseMiddlewareExtensions.<>c__DisplayClass6_1.<<UseMiddlewareInterface>b__1>d.MoveNext() --- End of stack trace from previous location --- at Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware.<Invoke>g__Awaited|6_0(ExceptionHandlerMiddleware middleware, HttpContext context, Task task)

  Save Cancel
• 

  0

  maliming created 4 months ago

  Support Team Fullstack Developer

  hi

  IDX20803: Unable to obtain configuration from: 'https://extranetapp.cinca.porc01:44334/.well-known/openid-configuration'.

  The error is very clear. Can you check if https://extranetapp.cinca.porc01:44334/.well-known/openid-configuration is reachable in the container?

  Save Cancel
• 

  0

  mahuwei created 3 months ago

  I had the same problem. API can't access .well-known/openid-configuration but I can from my browser

  Save Cancel
• 

  0

  maliming created 3 months ago

  Support Team Fullstack Developer

  hi mahuwei Please create a new question and share your problem details. Thanks.

  Save Cancel
• 

  0

  jmalla.cp created 4 months ago

  Sorry Maliming,

  Can you tell me how I can change the configuration because webapp-authserver accept HTTP connections?

  Thanks

  Save Cancel
• 

  0

  maliming created 4 months ago

  Support Team Fullstack Developer

  hi

  Can you share a test project?

  I will test it in my local docker.

  liming.ma@volosoft.com

  Save Cancel
• 

  0

  maliming created 3 months ago

  Support Team Fullstack Developer

  hi

  Do you have a DNS map on your local machine?

  eg:

  extranetapp.cinca.porc to 127.0.0.1

  We have to get the DNS for the domain from inside and outside the container.

  Save Cancel
• 

  0

  jmalla.cp created 3 months ago

  Hi,

  Yes, I have this DNS map in my local machine.

  

  Save Cancel
• 

  0

  maliming created 3 months ago

  Support Team Fullstack Developer

  hi

  Please send an email to liming.ma@volosoft.com

  I will share you the project.

  

  

  Save Cancel
• 

  0

  jmalla.cp created 3 months ago

  Hi,

  Thanks, Maliming, that works, but I have a question. Can this configuration affect security when we deploy it in Azure Webservices in production mode?

  Save Cancel