Tenant-Id and Tenant-Name Not Set in Header After Dashboard Redirect (SSO OIDC) #8132
https://abp.io/support/questions/8132/Tenant-Id-and-Tenant-Name-Not-Set-in-Header-After-Dashboard-Redirect-SSO-OIDC?CurrentPage=5
74 Answer(s)
-
0
Yes, please clear Redis. If it is still not working, please share the full logs of localhost:44305 (auth server).
-
0
ok sure
-
0
; )
-
0
hi
What are the values in `info`?
If the external user is not in your system, e.g. you first use a Google account (`123@google.com`) to log in, but `123@google.com` doesn't exist in your system, we will register a new user for it.
In the end we will call `await SignInManager.SignInAsync(user, false);` to issue the cookies.
https://github.com/abpframework/abp/blob/dev/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Login.cshtml.cs#L243-L282
-
0
> hi
> What are the values in `info`?

`var info = await _signInManager.GetExternalLoginInfoAsync();` gets the external login info, like `info.ProviderKey` (external user ID).

> If the external user is not in your system, e.g. you first use a Google account (`123@google.com`) to log in, but `123@google.com` doesn't exist in your system, we will register a new user for it.

ok got it, let me check again and get back to you.

> In the end we will call `await SignInManager.SignInAsync(user, false);` to issue the cookies.
> https://github.com/abpframework/abp/blob/dev/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Login.cshtml.cs#L243-L282

-
0
ok
-
0
Hi,
As per your reference I have added this method: `await _identityOptions.SetAsync();`
I am calling the method twice. The first time I receive a response with success: false. However, based on the email ID, I check if the user exists or not. After that, when I call the method again, I get a success response. Note: the second call is just for checking purposes.

```csharp
var result = await _signInManager.ExternalLoginSignInAsync(
    info.LoginProvider,
    info.ProviderKey,
    isPersistent: false,
    bypassTwoFactor: true
);
```

As per your suggestion, I have already followed the steps below:
If the user does not exist in the system, I have added the user to the database and assigned the role as well. It still does not work. Can you please review this code once?

```csharp
[HttpGet]
public async Task<IActionResult> ExternalLoginCallback(string returnUrl = null, string remoteError = null)
{
    if (remoteError != null)
    {
        return RedirectToAction("Login");
    }

    try
    {
        await _identityOptions.SetAsync(); // As per your reference I have added this method

        // Get the external login information
        var info = await _signInManager.GetExternalLoginInfoAsync();
        if (info == null)
        {
            // If external login info is not available, redirect to login
            return RedirectToAction("Login");
        }

        // Try to sign in the user using the external login info
        var result = await _signInManager.ExternalLoginSignInAsync(
            info.LoginProvider,
            info.ProviderKey,
            isPersistent: false,
            bypassTwoFactor: true
        );

        // Otherwise, proceed to register a new user
        var email = info.Principal.FindFirstValue(ClaimTypes.Email);
        var tokens = await ExchangeCodeForTokensAsync();
        var response = await GetUserDeatilsInfo(tokens.AccessToken, info.ProviderKey);
        var rolesName = await GetUserRolesdataAsync(tokens.AccessToken, response.UserId);

        var input = new IdentityUserCreateDto
        {
            UserName = response.Email,
            Email = response.Email,
            Password = "1!1234", // You may want to change this to a more secure password generation strategy
            Name = response.Nickname,
            Surname = response.Nickname,
            PhoneNumber = "9766640367", // Use a valid phone number
            IsActive = true,
            ShouldChangePasswordOnNextLogin = false,
            LockoutEnabled = true,
            RoleNames = [rolesName] // Assuming rolesName is a single role; adjust if it's a list of roles
        };

        // Get the tenant configuration
        var configTenantId = _configuration.GetSection("TenantId").Value;

        // Change the tenant context (assuming multi-tenant setup)
        using (_currentTenant.Change(Guid.Parse(configTenantId)))
        {
            // Create the user and assign roles
            var createUserResult = await CreateAsync(input, info);
            if (createUserResult)
            {
                var user = await _identityUserManager.FindByEmailAsync(response.Email);
                if (user != null)
                {
                    // Mark the user as external
                    user.IsExternal = true;
                    await _userRepository.UpdateAsync(user);

                    // Update the security stamp for the user
                    await _identityUserManager.UpdateSecurityStampAsync(user);

                    // Add the external login
                    await _identityUserManager.AddLoginAsync(user, info);

                    // Try to sign in the user using the external login info
                    var result1 = await _signInManager.ExternalLoginSignInAsync(
                        info.LoginProvider,
                        info.ProviderKey,
                        isPersistent: false,
                        bypassTwoFactor: true
                    );

                    // Sign in the user
                    await _signInManager.SignInAsync(user, false);

                    // Redirect to the originally requested page or the default home page
                    return Redirect(returnUrl);
                }
            }
            else
            {
                // In case user creation fails, redirect to the login page
                return RedirectToAction("Login");
            }
        }
    }
    catch (Exception ex)
    {
        return RedirectToAction("Error"); // Redirect to an error page or show a friendly error message
    }

    // Default redirect if something unexpected happens
    return Redirect(returnUrl);
}

public async Task<bool> CreateAsync(IdentityUserCreateDto input, ExternalLoginInfo info)
{
    _logger.LogInformation($"CustomAddUserAndRoles: in CreateAsync(): START, Date Time: {DateTime.UtcNow}");

    try
    {
        // Check if user exists by email ID
        var existingUser = await _identityUserManager.FindByEmailAsync(input.Email);
        if (existingUser != null)
        {
            await _identityUserManager.RemoveFromRolesAsync(existingUser, input.RoleNames);
            await assignRoles(input, existingUser);
            _logger.LogError($"CustomAddUserAndRoles: in CreateAsync(): Message: User already exists; role updated successfully, Date Time: {DateTime.UtcNow}");
        }
        else
        {
            Guid userId;
            var newUserName = await GetUniqueUserNameAsync(input.Name.Trim(), input.Surname.Trim());
            var user = new IdentityUser(_guidGenerator.Create(), newUserName.Trim(), input.Email, _currentTenant.GetId());
            var creationResult = await _identityUserManager.CreateAsync(user, input.Password.Trim());
            creationResult.CheckErrors();
            await _identityUserManager.SetEmailAsync(user, input.Email.Trim());
            user.Name = input.Name.Trim();
            user.Surname = input.Surname.Trim();
            userId = user.Id;
            var tenant = _currentTenant.GetId();
            var email = info.Principal.FindFirstValue(ClaimTypes.Email);

            // Adding claims
            var claimsToAdd = new List<Claim>
            {
                new Claim(ClaimTypes.Email, email.Trim()),
            };
            await _identityUserManager.AddClaimsAsync(user, claimsToAdd);
            await assignRoles(input, user);
            await _unitOfWorkManager.Current.SaveChangesAsync();

            var userDetails = await _identityUserManager.GetByIdAsync(userId);
            if (userDetails != null)
            {
                userDetails.SetProperty("Status", 1);
                userDetails.SetProperty("Language", "en");
            }
            await _unitOfWorkManager.Current.SaveChangesAsync();
            _logger.LogInformation($"CustomAddUserAndRoles: in CreateAsync() END: Message: create user and roles assigned successfully, Date Time: {DateTime.UtcNow}");
        }
        return true;
    }
    catch (Exception ex)
    {
        _logger.LogError($"CustomAddUserAndRoles: Error in CreateAsync(): Message: {ex.Message}| Source: {ex.Source} | Inner Exception: {ex.InnerException} |Stack Trace: {ex.StackTrace}, Date Time: {DateTime.UtcNow}");
        return false;
    }
}
```
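
Added example (not the poster's code and not ABP's own implementation): one way to write the callback along the flow described earlier in the thread, returning as soon as the first `ExternalLoginSignInAsync` succeeds, provisioning the local user without a fixed password, and redirecting only to local URLs. The field names mirror the post above; their constructor injection, an already resolved tenant, and the `"/"` fallback are assumptions.

```csharp
// Added example, not the poster's or ABP's code. Field names mirror the post above;
// their constructor injection and an already resolved tenant are assumed.
[HttpGet]
public async Task<IActionResult> ExternalLoginCallback(string returnUrl = null, string remoteError = null)
{
    // Only follow same-site return URLs, so the login cannot be used as an open redirect.
    var target = Url.IsLocalUrl(returnUrl) ? returnUrl : "/";
    if (remoteError != null)
    {
        return RedirectToAction("Login");
    }

    await _identityOptions.SetAsync();
    var info = await _signInManager.GetExternalLoginInfoAsync();
    if (info == null)
    {
        return RedirectToAction("Login");
    }

    // Known external login: the cookie is issued here and nothing needs provisioning.
    var result = await _signInManager.ExternalLoginSignInAsync(
        info.LoginProvider, info.ProviderKey, isPersistent: false, bypassTwoFactor: true);
    if (result.Succeeded)
    {
        return LocalRedirect(target);
    }

    // Linking by email assumes the provider has verified that address.
    var email = info.Principal.FindFirstValue(ClaimTypes.Email);
    if (string.IsNullOrWhiteSpace(email))
    {
        return RedirectToAction("Login");
    }

    // First login with this provider: create the local user without a password,
    // so the account can only be entered through the external provider.
    var user = await _identityUserManager.FindByEmailAsync(email);
    if (user == null)
    {
        user = new IdentityUser(_guidGenerator.Create(), email, email, _currentTenant.Id);
        (await _identityUserManager.CreateAsync(user)).CheckErrors();
    }
    (await _identityUserManager.AddLoginAsync(user, info)).CheckErrors();

    await _signInManager.SignInAsync(user, isPersistent: false);
    return LocalRedirect(target);
}
```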
-
0
hi
https://us05web.zoom.us/j/83893176702?pwd=U6frjNspBIgK1f388xsfk7wAMY9406.1
-
0
> hi
> https://us05web.zoom.us/j/83893176702?pwd=U6frjNspBIgK1f388xsfk7wAMY9406.1

Sorry, my laptop got restarted; can I connect now?
-
0
https://us05web.zoom.us/j/88572134509?pwd=egEBXYUbjMdu9xrvb7JzNZGSbuQRPC.1
-
0
hi
You have the access token in your angular app.
I think the current problem has been solved.
If you have a new problem, You can create a new question.
Thanks.
-
0
Hi maliming,
Thanks very much for your support. We were able to resolve the issue and are now successfully redirected to the dashboard.
-
0
Great!
-
0
Hi,
The "ClientType" column in the "OpenIddictApplications" table was initially set to "confidential", and after that you updated the value to "public". Then the Angular application was able to successfully redirect.
However, I have noticed that after some time this value automatically changed to "confidential". I have cross-checked the application but was unable to find where the value is being set.
Can you please suggest how I can fix this issue?
-
0
hi

> However, I have noticed that after some time this value automatically changed to "confidential". I have cross-checked the application but was unable to find where the value is being set.

The framework will not do this.
Please check your code.
https://auth0.com/docs/get-started/applications/confidential-and-public-applications
-
0
ok let me cross check again and get back to you. Thanks.
-
0
ok, Please create a new question if you find something.
-
0
ok
created pls check
https://abp.io/support/questions/8304/The-value-of-the-%27ClientType%27-column-in-the-%27OpenIddictApplications%27-table-was-automatically-changed-to-%27confidential%27-but-after-that-the-value-was-updated-to-%27public%27
-
0
hi
Our support team will check your problem.
-
0
ok thanks