
Docker local deploy #7497


jmalla.cp created
  • ABP Framework version: v6.0.1
  • UI Type: MVC
  • Database System: EF Core (PostgreSQL)
  • Tiered (for MVC) or Auth Server Separated (for Angular): Tiered
  • Exception message and full stack trace:
  • Steps to reproduce the issue:

Hi,

I'm trying to run my project with Docker on my local computer because I want to check if the updates work correctly on a tablet before pushing the code to production.

All the containers come up correctly, the migrations run, and I can access https://pc01:44353/, but I can't log in because I get error 500.

And this is the exception of webapp-web:

2024-07-12 11:18:47.622 +00:00 [ERR] [] [] An unhandled exception has occurred while executing the request.
System.InvalidOperationException: IDX20803: Unable to obtain configuration from: 'http://webapp-authserver/.well-known/openid-configuration'.
 ---> System.IO.IOException: IDX20807: Unable to retrieve document from: 'http://webapp-authserver/.well-known/openid-configuration'. HttpResponseMessage: 'StatusCode: 400, ReasonPhrase: 'Bad Request', Version: 1.1, Content: System.Net.Http.HttpConnectionResponseContent, Headers: { Date: Fri, 12 Jul 2024 11:18:47 GMT Server: Kestrel X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN Content-Length: 168 Content-Type: application/json; charset=UTF-8 }', HttpResponseMessage.Content: '{ "error": "invalid_request", "error_description": "This server only accepts HTTPS requests.", "error_uri": "https://documentation.openiddict.com/errors/ID2083" }'.
   at Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(String address, CancellationToken cancel)
   at Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfigurationRetriever.GetAsync(String address, IDocumentRetriever retriever, CancellationToken cancel)
   at Microsoft.IdentityModel.Protocols.ConfigurationManager`1.GetConfigurationAsync(CancellationToken cancel)
   --- End of inner exception stack trace ---
   at Microsoft.IdentityModel.Protocols.ConfigurationManager`1.GetConfigurationAsync(CancellationToken cancel)
   at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleChallengeAsyncInternal(AuthenticationProperties properties)
   at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleChallengeAsync(AuthenticationProperties properties)
   at Microsoft.AspNetCore.Authentication.AuthenticationHandler`1.ChallengeAsync(AuthenticationProperties properties)
   at Microsoft.AspNetCore.Authentication.AuthenticationService.ChallengeAsync(HttpContext context, String scheme, AuthenticationProperties properties)
   at Microsoft.AspNetCore.Mvc.ChallengeResult.ExecuteResultAsync(ActionContext context)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.

Here you can see my docker-compose.yml

services:
  webapp-web:
    image: cincaporc/webapp-web:latest
    container_name: webapp-web
    build:
      context: ../../
      dockerfile: src/Cincaporc.WebApp.Web/Dockerfile.local
    environment:
      - ASPNETCORE_URLS=https://+:443;http://+:80;
      - Kestrel__Certificates__Default__Path=/root/certificate/pc01.pfx
      - Kestrel__Certificates__Default__Password=123456
      - App__SelfUrl=https://pc01:44353
      - AuthServer__RequireHttpsMetadata=false
      - AuthServer__IsContainerizedOnLocalhost=true
      - AuthServer__MetaAddress=http://webapp-authserver
      - AuthServer__Authority=https://pc01:44334
      - RemoteServices__Default__BaseUrl=http://webapp-api
      - RemoteServices__AbpAccountPublic__BaseUrl=http://webapp-authserver
      - App__MVCPublicUrl=https://pc01:44355
      - ConnectionStrings__Default=Host=db-server;Database=ExtranetDev;User Id=cincaporclocal;Password=cincaporclocal;Timeout=60;
      - Redis__Configuration=redis
    ports:
      - "44353:443"
    depends_on:
      - webapp-api
    restart: on-failure
    volumes:
      - ./certs:/root/certificate
    networks:
      - abp-network

  webapp-web-public:
    image: cincaporc/webapp-web-public:latest
    container_name: webapp-web-public
    build:
      context: ../../
      dockerfile: src/Cincaporc.WebApp.Web.Public/Dockerfile.local
    environment:
      - ASPNETCORE_URLS=https://+:443;http://+:80;
      - Kestrel__Certificates__Default__Path=/root/certificate/pc01.pfx
      - Kestrel__Certificates__Default__Password=123456
      - App__SelfUrl=https://pc01:44355
      - App__Timing__TimeZone=Europe/Madrid
      - AuthServer__RequireHttpsMetadata=false
      - AuthServer__IsContainerizedOnLocalhost=true
      - AuthServer__MetaAddress=http://webapp-authserver
      - AuthServer__Authority=https://pc01:44334
      - AuthServer__ClientId=WebApp_Web_Public_Tiered
      - AuthServer__ClientSecret=g0gMs#4j2r
      - RemoteServices__Default__BaseUrl=http://webapp-api
      - RemoteServices__AbpAccountPublic__BaseUrl=http://webapp-authserver
      - Redis__Configuration=redis
    ports:
      - "44355:443"
    depends_on:
      - webapp-api
    restart: on-failure
    volumes:
      - ./certs:/root/certificate
    networks:
      - abp-network

  webapp-api:
    image: cincaporc/webapp-api:latest
    container_name: webapp-api
    build:
      context: ../../
      dockerfile: src/Cincaporc.WebApp.HttpApi.Host/Dockerfile.local
    environment:
      - ASPNETCORE_URLS=https://+:443;http://+:80;
      - Kestrel__Certificates__Default__Path=/root/certificate/pc01.pfx
      - Kestrel__Certificates__Default__Password=123456
      - App__SelfUrl=https://pc01:44354
      - App__MVCPublicUrl=https://pc01:44355
      - App__CorsOrigins=https://pc01:44353,https://pc01:44355,http://webapp-web,http://webapp-web-public
      - App__Timing__TimeZone=Europe/Madrid
      - AuthServer__RequireHttpsMetadata=false
      - AuthServer__Authority=http://webapp-authserver
      - AuthServer__SwaggerClientId=WebApp_Swagger
      - ConnectionStrings__Default=Host=db-server;Database=ExtranetDev;User Id=cincaporclocal;Password=cincaporclocal;Timeout=60;
      - Redis__Configuration=redis
      - Settings__ErpService.ErpSelected=Fake
      - StringEncryption__DefaultPassPhrase=fQVpnvGGdYZ5DqcG
    ports:
      - "44354:443"
    depends_on:
      db-server:
        condition: service_healthy
      redis:
        condition: service_healthy
    restart: on-failure
    volumes:
      - ./certs:/root/certificate
    networks:
      - abp-network
  
  webapp-authserver:
    image: cincaporc/webapp-authserver:latest
    container_name: webapp-authserver
    build:
      context: ../../
      dockerfile: src/Cincaporc.WebApp.AuthServer/Dockerfile.local
    environment:
      - ASPNETCORE_URLS=https://+:443;http://+:80;
      - App__SelfUrl=https://pc01:44334
      - App__CorsOrigins=https://pc01:44353,https://pc01:44354,https://pc01:44355,http://webapp-web
      - App__RedirectAllowedUrls=https://pc01:44353,https://pc01:44354,https://pc01:44355
      - App__Timing__Timezone=Europe/Madrid
      - AuthServer__RequireHttpsMetadata=false
      - AuthServer__Authority=http://webapp-authserver
      - AuthServer__SetSelfAsIssuer=true
      - Kestrel__Certificates__Default__Path=/root/certificate/pc01.pfx
      - Kestrel__Certificates__Default__Password=123456
      - ConnectionStrings__Default=Host=db-server;Database=ExtranetDev;User Id=cincaporclocal;Password=cincaporclocal;Timeout=60;
      - StringEncryption__DefaultPassPhrase=fQVpnvGGdYZ5DqcG
      - Redis__Configuration=redis
      - Redis__IsEnabled=false
      - Settings__Abp.Account.IsSelfRegistrationEnabled=false
    ports:
      - "44334:443"
    depends_on:
      db-server:
        condition: service_healthy
      redis:
        condition: service_healthy
    restart: on-failure
    volumes:
      - ./certs:/root/certificate
    networks:
      - abp-network

  db-migrator:
    image: cincaporc/webapp-db-migrator:latest
    container_name: db-migrator
    build:
      context: ../../
      dockerfile: src/WebApp.DbMigrator/Dockerfile.local
    environment:
      - OpenIddict__Applications__WebApp_Web__RootUrl=https://pc01:44353
      - OpenIddict__Applications__WebApp_Web__ClientId=WebApp_Web
      - OpenIddict__Applications__WebApp_Web__ClientSecret=Pd&^901A
      - OpenIddict__Applications__WebApp_Swagger__RootUrl=https://pc01:44354
      - OpenIddict__Applications__WebApp_Swagger__ClientId=WebApp_Swagger
      - OpenIddict__Applications__WebApp_Swagger__ClientSecret=cE64h!3P
      - OpenIddict__Applications__WebApp_Web_Public__RootUrl=https://pc01:44355
      - OpenIddict__Applications__WebApp_Web_Public__ClientId=WebApp_Web_Public
      - OpenIddict__Applications__WebApp_Web_Public__ClientSecret=g0gMs#4j2r
      - OpenIddict__Applications__WebApp_Web_Public_Tiered__RootUrl=https://pc01:44355
      - OpenIddict__Applications__WebApp_Web_Public_Tiered__ClientId=WebApp_Web_Public_Tiered
      - OpenIddict__Applications__WebApp_Web_Public_Tiered__ClientSecret=g0gMs#4j2r
      - ConnectionStrings__Default=Host=db-server;Database=ExtranetDev;User Id=cincaporclocal;Password=cincaporclocal;Timeout=60;
    depends_on:
      db-server:
        condition: service_healthy
    networks:
      - abp-network
  
  db-server:
    container_name: db-server
    image: postgres
    ports:
      - "1434:5432"
    environment:
      - POSTGRES_PASSWORD=cincaporclocal
      - POSTGRES_USER=cincaporclocal
      - POSTGRES_DB=ExtranetDev
      - PGDATA=/var/lib/postgresql/data/pgdata
    volumes:
      - dbdata:/var/lib/postgresql/data
    networks:
      - abp-network
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"]
      interval: 10s
      timeout: 3s
      retries: 10
      start_period: 10s

  redis:
    container_name: redis
    image: redis:alpine
    ports:
      - "6379:6379"
    networks:
      - abp-network
    healthcheck:
      test: ["CMD", "redis-cli","ping"]

volumes:
  dbdata:
    name: webapp_dbdata

networks:
  abp-network:
    name: webapp-network
    driver: bridge
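
Added example (not part of the original post, and not ABP or OpenIddict code): a small triage script that pulls the failing discovery URL and the OpenIddict error code out of the exception above, then lists the compose variables that point at that host over plain http. `LOG` and `COMPOSE_ENV` are constructed excerpts of the post's log and docker-compose.yml, and the function names are hypothetical.

```python
import json
import re
from urllib.parse import urlsplit

# Constructed excerpt of the webapp-web exception quoted in the post.
LOG = """IDX20803: Unable to obtain configuration from:
'http://webapp-authserver/.well-known/openid-configuration'. HttpResponseMessage:
'StatusCode: 400, ReasonPhrase: 'Bad Request'', HttpResponseMessage.Content:
'{ "error": "invalid_request",
"error_description": "This server only accepts HTTPS requests.",
"error_uri": "https://documentation.openiddict.com/errors/ID2083" }'."""

# Constructed excerpt of the post's docker-compose.yml: service -> environment.
COMPOSE_ENV = {
    "webapp-web": [
        "AuthServer__RequireHttpsMetadata=false",
        "AuthServer__MetaAddress=http://webapp-authserver",
        "AuthServer__Authority=https://pc01:44334",
    ],
    "webapp-api": [
        "AuthServer__RequireHttpsMetadata=false",
        "AuthServer__Authority=http://webapp-authserver",
    ],
}

def parse_failure(log):
    """Extract discovery URL, HTTP status and OpenIddict error from the log."""
    url = re.search(r"IDX20803: Unable to obtain configuration from:\s*'([^']+)'", log)
    status = re.search(r"StatusCode: (\d+)", log)
    body = re.search(r"HttpResponseMessage\.Content:\s*'(\{.*?\})'", log, re.S)
    err = json.loads(body.group(1)) if body else {}
    return {
        "url": url.group(1) if url else None,
        "status": int(status.group(1)) if status else None,
        "error": err.get("error"),
        "code": err.get("error_uri", "").rsplit("/", 1)[-1] or None,
    }

def find_http_authserver_settings(compose_env, failing_url):
    """List (service, variable, value) for AuthServer__* URLs that use
    plain http against the host of the failing discovery request."""
    host = urlsplit(failing_url).hostname
    hits = []
    for service, entries in compose_env.items():
        for entry in entries:
            key, _, value = entry.partition("=")
            target = urlsplit(value)
            if key.startswith("AuthServer__") and target.scheme == "http" and target.hostname == host:
                hits.append((service, key, value))
    return hits

if __name__ == "__main__":
    failure = parse_failure(LOG)
    print(failure, find_http_authserver_settings(COMPOSE_ENV, failure["url"]))
```

For the excerpts above it reports `AuthServer__MetaAddress` on webapp-web and `AuthServer__Authority` on webapp-api as the settings that send OpenID Connect traffic to webapp-authserver over http.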

30 Answer(s)
  • maliming created
    Support Team Fullstack Developer

    hi

    I don't have much experience with docker security. : (

    You can Google it.

    Sorry for that.

  • jmalla.cp created

    Sorry, Maliming, I think I didn't explain it well.

    My production environment is on Azure Web Services, which is not a Docker environment.

    We only want this configuration for local testing.

    So, I want to know how we can apply this configuration only in a local Docker deployment.

    Thanks

  • maliming created
    Support Team Fullstack Developer

    hi

    So, I want to know how we can apply this configuration only in a local Docker deployment.

    Can you explain it in detail? It is the docker-compose file.

    Thanks

  • jmalla.cp created

    What happens with the changes introduced in the code, like OpenIddictServerBuilderExtensions.cs?

  • maliming created
    Support Team Fullstack Developer

    We introduce this method in the new version. So you can keep it for your project.

    https://github.com/abpframework/abp/pull/17512
    https://github.com/abpframework/abp/blob/cb146f6392d798e6a639c954d514704c1febd3e0/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Microsoft/Extensions/DependencyInjection/OpenIddictServerBuilderExtensions.cs#L6

Updated on September 19, 2024, 10:13