Open Closed

Tenant-Id and Tenant-Name Not Set in Header After Dashboard Redirect (SSO OIDC) #8267


User avatar
0
Repunjay_TASC created

Tenant-Id and Tenant-Name Not Set in Header After Dashboard Redirect (SSO OIDC) #8132

https://abp.io/support/questions/8132/Tenant-Id-and-Tenant-Name-Not-Set-in-Header-After-Dashboard-Redirect-SSO-OIDC?CurrentPage=5


74 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    yes, please clear redis. If still not working. Please share the full logs of localhost:44305(auth server)

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    yes, please clear redis. If still not working. Please share the full logs of localhost:44305(auth server)

  • User Avatar
    0
    Repunjay_TASC created

    ok sure

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    ; )

  • User Avatar
    0
    Repunjay_TASC created

    Hi,

    The redirect URI issue is resolved, but it's showing the login page. Should be log automatically.

    I have shared hra log over email pls check and mean while me also looking into it.

    Thanks in advance.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    Can you check if the .AspNetCore.Identity.Application cookies have been issued?

    The backend needs to call await SignInManager.ExternalLoginSignInAsync to issuer this cookie.

  • User Avatar
    0
    Repunjay_TASC created

    Hi ,

    below method not present in my code, however i have added but i received is success false pls find attached screen shot. This is correct approach to call this method pls check and let me know.

    await SignInManager.ExternalLoginSignInAsync

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    What are the values in info ?

    If the external user is not in your system. eg you first use google account(123@google.com) to login. but the 123@google.com doesn't exist in your system. We will register a new user for it.

    In the end we will call await SignInManager.SignInAsync(user, false); to issuer the cookies. https://github.com/abpframework/abp/blob/dev/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Login.cshtml.cs#L243-L282

  • User Avatar
    0
    Repunjay_TASC created

    hi

    What are the values in info ?

    var info = await _signInManager.GetExternalLoginInfoAsync(); get external login info like like info.ProviderKey(External userID) .

    If the external user is not in your system. eg you first use google account(123@google.com) to login. but the 123@google.com doesn't exist in your system. We will register a new user for it.

    ok got it, let me check again and get back to you.

    In the end we will call await SignInManager.SignInAsync(user, false); to issuer the cookies. https://github.com/abpframework/abp/blob/dev/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Login.cshtml.cs#L243-L282

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    ok

  • User Avatar
    0
    Repunjay_TASC created

    Hi,

    // AS per your refernec i have added this method await _identityOptions.SetAsync();

    I am calling the method twice. The first time I receive a response with success: false. However, based on the email ID, I check if the user exists or not. After that, when I call the method again, I get a success response. Note :- Second time call just for checking pursue var result = await _signInManager.ExternalLoginSignInAsync( info.LoginProvider, info.ProviderKey, isPersistent: false, bypassTwoFactor: true );

    As per your suggestion, I have already followed the steps below:

    If the user does not exist in the system, I have added the user to the database and assigned the role as well. Still not work can you pls review this code once

    [HttpGet] public async Task<IActionResult> ExternalLoginCallback(string returnUrl = null, string remoteError = null) { if (remoteError != null) { return RedirectToAction("Login"); }

    try
    {
        await _identityOptions.SetAsync();    // AS per your refernec i have added this method 
    
        // Get the external login information
        var info = await _signInManager.GetExternalLoginInfoAsync();
        if (info == null)
        {
            // If external login info is not available, redirect to login
            return RedirectToAction("Login");
        }
    
        // Try to sign in the user using the external login info
        var result = await _signInManager.ExternalLoginSignInAsync(
            info.LoginProvider,
            info.ProviderKey,
            isPersistent: false,
            bypassTwoFactor: true
        );
    
    
        // Otherwise, proceed to register a new user
        var email = info.Principal.FindFirstValue(ClaimTypes.Email);
        var tokens = await ExchangeCodeForTokensAsync();
        var response = await GetUserDeatilsInfo(tokens.AccessToken, info.ProviderKey);
        var rolesName = await GetUserRolesdataAsync(tokens.AccessToken, response.UserId);
    
    
        var input = new IdentityUserCreateDto
        {
            UserName = response.Email,
            Email = response.Email,
            Password = "1!1234", // You may want to change this to a more secure password generation strategy
            Name = response.Nickname,
            Surname = response.Nickname,
            PhoneNumber = "9766640367", // Use a valid phone number
            IsActive = true,
            ShouldChangePasswordOnNextLogin = false,
            LockoutEnabled = true,
            RoleNames = [rolesName] // Assuming rolesName is a single role; adjust if it's a list of roles
        };
    
        // Get the tenant configuration
        var configTenantId = _configuration.GetSection("TenantId").Value;
    
        // Change the tenant context (assuming multi-tenant setup)
        using (_currentTenant.Change(Guid.Parse(configTenantId)))
        {
            // Create the user and assign roles
            var createUserResult = await CreateAsync(input, info);
            if (createUserResult)
            {
                var user = await _identityUserManager.FindByEmailAsync(response.Email);
                if (user != null)
                {
                    // Mark the user as external
                    user.IsExternal = true;
                    await _userRepository.UpdateAsync(user);
    
                    // Update the security stamp for the user
                    await _identityUserManager.UpdateSecurityStampAsync(user);
    
                    // Add the external login
                    await _identityUserManager.AddLoginAsync(user, info);
    
    
                    // Try to sign in the user using the external login info
                    var result1 = await _signInManager.ExternalLoginSignInAsync(
                        info.LoginProvider,
                        info.ProviderKey,
                        isPersistent: false,
                        bypassTwoFactor: true
                    );
    
                    // Sign in the user
                    await _signInManager.SignInAsync(user, false);
    
                    // Redirect to the originally requested page or the default home page
                    return Redirect(returnUrl);
                }
            }
            else
            {
                // In case user creation fails, redirect to the login page
                return RedirectToAction("Login");
            }
        }
    }
    catch (Exception ex)
    {
        return RedirectToAction("Error"); // Redirect to an error page or show a friendly error message
    }
    
    // Default redirect if something unexpected happens
    return Redirect(returnUrl);
    

    }

    public async Task<bool> CreateAsync(IdentityUserCreateDto input, ExternalLoginInfo info) { _logger.LogInformation($"CustomAddUserAndRoles: in CreateAsync(): START, Date Time: {DateTime.UtcNow}");

       try
       {
         
           // Check if user exists by email ID
           var existingUser = await _identityUserManager.FindByEmailAsync(input.Email);
           if (existingUser != null)
           {
               await _identityUserManager.RemoveFromRolesAsync(existingUser, input.RoleNames);
               await assignRoles(input, existingUser);
               _logger.LogError($"CustomAddUserAndRoles: in CreateAsync(): Message: User already exists; role updated successfully, Date Time: {DateTime.UtcNow}");
           }
           else
           {
               Guid userId;
               var newUserName = await GetUniqueUserNameAsync(input.Name.Trim(), input.Surname.Trim());
               var user = new IdentityUser(_guidGenerator.Create(), newUserName.Trim(), input.Email, _currentTenant.GetId());
    
               var creationResult = await _identityUserManager.CreateAsync(user, input.Password.Trim());
               creationResult.CheckErrors();
    
               await _identityUserManager.SetEmailAsync(user, input.Email.Trim());
    
               user.Name = input.Name.Trim();
               user.Surname = input.Surname.Trim();
    
               userId = user.Id;
    
               var tenant = _currentTenant.GetId();
               var email = info.Principal.FindFirstValue(ClaimTypes.Email);
               // Adding claims
               var claimsToAdd = new List&lt;Claim&gt;
                   {
                       new Claim(ClaimTypes.Email, email.Trim()),
                   };
    
               await _identityUserManager.AddClaimsAsync(user, claimsToAdd);
               await assignRoles(input, user);
    
               await _unitOfWorkManager.Current.SaveChangesAsync();
    
               var userDetails = await _identityUserManager.GetByIdAsync(userId);
               if (userDetails != null)
               {
                   userDetails.SetProperty("Status", 1);
                   userDetails.SetProperty("Language", "en");
               }
    
               await _unitOfWorkManager.Current.SaveChangesAsync();
               _logger.LogInformation($"CustomAddUserAndRoles: in CreateAsync() END: Message: create user and roles assigned successfully, Date Time: {DateTime.UtcNow}");
              
           }
           return true;
       }
       catch (Exception ex)
       {
           _logger.LogError($"CustomAddUserAndRoles: Error in CreateAsync(): Message: {ex.Message}| Source: {ex.Source} | Inner Exception: {ex.InnerException} |Stack Trace: {ex.StackTrace}, Date Time: {DateTime.UtcNow}");
           return false;
       }
    

    }

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    https://us05web.zoom.us/j/83893176702?pwd=U6frjNspBIgK1f388xsfk7wAMY9406.1

  • User Avatar
    0
    Repunjay_TASC created

    hi

    https://us05web.zoom.us/j/83893176702?pwd=U6frjNspBIgK1f388xsfk7wAMY9406.1

    Sorry, My laptop got restarted; i can i connect now ?

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    https://us05web.zoom.us/j/88572134509?pwd=egEBXYUbjMdu9xrvb7JzNZGSbuQRPC.1

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    You have the access token in your angular app.

    I think the current problem has been solved.

    If you have a new problem, You can create a new question.

    Thanks.

  • User Avatar
    0
    Repunjay_TASC created

    Hi maliming,

    Thanks very much for your support. We were able to resolve the issue and are now successfully redirected to the dashboard.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    Great!

  • User Avatar
    0
    Repunjay_TASC created

    Hi,

    The "ClientType" column in the "OpenIddictApplications" table was initially set to "confidential" and after that you update value as "public", Then Angular application was able to successfully redirect.

    However, I have notice after some time, this value automatically changed to "confidential". I have cross-checked the application but was unable to find where the value is being set.

    Can you please suggest how I can fix this issue?

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    However, I have notice after some time, this value automatically changed to "confidential". I have cross-checked the application but was unable to find where the value is being set.

    The framework will not do this.

    Please check your code. https://auth0.com/docs/get-started/applications/confidential-and-public-applications

  • User Avatar
    0
    Repunjay_TASC created

    ok let me cross check again and get back to you. Thanks.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    ok, Please create a new question if you find something.

  • User Avatar
    0
    Repunjay_TASC created

    ok

    created pls check

    https://abp.io/support/questions/8304/The-value-of-the-%27ClientType%27-column-in-the-%27OpenIddictApplications%27-table-was-automatically-changed-to-%27confidential%27-but-after-that-the-value-was-updated-to-%27public%27

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    Our support team will check your problem.

  • User Avatar
    0
    Repunjay_TASC created

    ok thanks

Made with ❤️ on ABP v9.1.0-preview. Updated on December 13, 2024, 06:09