- ABP Framework version: v9.1
- UI Type: Angular
- Database System: EF Core (SQL Server, PostgreSQL)
- Tiered (for MVC) or Auth Server Separated (for Angular): yes
Hello,
We are looking to implement authorization for an API Gateway. Specifically, I am interested in integrating YARP with ABP, with a focus on managing authentication.
Could you provide guidance on the best approach for integrating YARP with ABP to handle authentication, particularly for token-based systems such as JWT? I am also looking for best practices or sample code, particularly on how to securely add and use AuthorizationPolicy (default, anonymous, custom policy...) in the context of an API Gateway.
Any documentation or sample code to assist with this process would be greatly appreciated.
Thanks
5 Answer(s)
-
0
Hi, if you have an existing microservice application and are using Ocelot, you can follow the "Migrating API Gateway from Ocelot to YARP" documentation.
Actually, even if you are not migrating from Ocelot to YARP, you can still read this documentation to see the migration steps.
By the way, ABP's new microservice solution uses YARP as its default API gateway (https://abp.io/docs/latest/solution-templates/microservice/api-gateways#yarp-reverse-proxy). So, you can create a new microservice solution and see the integration points for an example.
Regards.
-
0
We are using a new microservice solution with YARP.
What I want to do exactly is add authentication and authorization on my gateway, so I added an AuthorizationPolicy on the route I want to secure (I want to configure the authorization policy by providing the AuthorizationPolicy value in the route configuration):
"Routes": {
  "order": {
    "ClusterId": "order",
    "AuthorizationPolicy": "authenticated",
    "Match": {
      "Path": "/api/order/{**catch-all}"
    }
  },
And I also want to use a custom policy.
I added
app.UseAuthentication();
app.UseAuthorization();
and
context.Services.AddAuthorization(options =>
{
    options.AddPolicy("authenticated", policy => policy.RequireAuthenticatedUser());
});
but it raised an error related to authentication,
and when I added
context.Services.AddAuthentication("Bearer")
    .AddJwtBearer(options =>
    {
        options.Authority = "http://localhost:44349";
        options.RequireHttpsMetadata = false;
        options.Events = new JwtBearerEvents
        {
            OnAuthenticationFailed = context =>
            {
                var exception = context.Exception;
                Console.WriteLine($"Authentication failed: {exception.Message}");
                return Task.CompletedTask;
            },
            OnTokenValidated = context =>
            {
                var token = context.SecurityToken;
                Console.WriteLine($"Token validated: {token}");
                return Task.CompletedTask;
            }
        };
    });
it raised an error related to an invalid audience.
Please, I want an example of the correct way to configure the authorization policy by providing the AuthorizationPolicy value in the route configuration.
-
0
I fixed the error by adding
ValidateAudience = false
and now
policy.RequireAuthenticatedUser();
is working fine, but when I used
policy.RequireRole("Admin");
I get a 403 error.
Please advise.
-
0
Hi, I'm currently testing, I will write you back asap.
Regards.
-
0
Hi, tried with the exact code that you shared and it worked smoothly. By any chance, is there a typo or case-sensitivity in your Admin role?
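The gateway setup discussed in this thread, written out as an added example that is not part of any post and not ABP's own code: it keeps audience validation on by naming the expected audience, tells the JWT handler which claim carries roles, and attaches a policy to each YARP route. The audience "OrderService", the claim name "role", the policy name "admin-only", the extra routes, the destination address and the use of YARP 2.x `LoadFromMemory` in a plain `Program.cs` are assumptions; in an ABP module the same registrations would go on `context.Services`.

```csharp
// Added example, not from the thread. Assumed values are marked in comments.
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Yarp.ReverseProxy.Configuration;

var builder = WebApplication.CreateBuilder(args);

builder.Services
    .AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
    .AddJwtBearer(options =>
    {
        options.Authority = "http://localhost:44349"; // auth server URL from the thread
        options.RequireHttpsMetadata = false;         // local development only
        options.Audience = "OrderService";            // assumed; must equal the token's "aud"
        options.MapInboundClaims = false;             // keep JWT claim names as issued
        options.TokenValidationParameters.RoleClaimType = "role"; // assumed claim name
    });

builder.Services.AddAuthorization(options =>
{
    options.AddPolicy("authenticated", p => p.RequireAuthenticatedUser());
    // Role values are compared case-sensitively: a token carrying "admin"
    // does not satisfy RequireRole("Admin") and the gateway answers 403.
    options.AddPolicy("admin-only", p => p.RequireRole("Admin"));
});

// "anonymous" and "default" are YARP's reserved policy names; any other value
// must match a policy registered above.
var routes = new[]
{
    new RouteConfig { RouteId = "order", ClusterId = "order", AuthorizationPolicy = "authenticated",
        Match = new RouteMatch { Path = "/api/order/{**catch-all}" } },       // from the thread
    new RouteConfig { RouteId = "order-admin", ClusterId = "order", AuthorizationPolicy = "admin-only",
        Match = new RouteMatch { Path = "/api/order/admin/{**catch-all}" } }, // constructed
    new RouteConfig { RouteId = "order-health", ClusterId = "order", AuthorizationPolicy = "anonymous",
        Match = new RouteMatch { Path = "/health/{**catch-all}" } },          // constructed
};
var clusters = new[]
{
    new ClusterConfig { ClusterId = "order", Destinations = new Dictionary<string, DestinationConfig>
        { ["d1"] = new DestinationConfig { Address = "http://localhost:5001/" } } }, // placeholder
};
builder.Services.AddReverseProxy().LoadFromMemory(routes, clusters);

var app = builder.Build();
app.UseAuthentication(); // must run before UseAuthorization and MapReverseProxy
app.UseAuthorization();
app.MapReverseProxy();
app.Run();
```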