Looks like even though the return url is being passed in it then checks against options to allowed urls.
As this isn't a local url and is unique to each tenant I have made a new local url that redirects after the fact.
public class AccountController(ILegacyTenantAppService legacyTenantAppService)
: AbpAccountImpersonationChallengeAccountController
{
public override async Task<ActionResult> LogoutAsync(string returnUrl = "", string returnUrlHash = "")
{
var tenant = await legacyTenantAppService.GetLegacyIdAsync();
if (returnUrl.IsNullOrEmpty() &&tenant.LegacyId > 0)
{
returnUrl = $"https://domain.com/login/{tenant.LegacyId}?logout=1";
}
return await base.LogoutAsync(returnUrl, returnUrlHash);
}
}
We are using the microservice architecture and need to support a different post logout redirect uri depending on a certain condition e.g. (old customer go to X url).
Currently the post logout goes to the home page (no settings have changed) but as our home page requires authentication you get redirected to the login screen.
How do I make it so I can redirect the user to a different url? I have tried specifying the return url in the logoutasync method within the account controller but that is ignored.
ABP 9.3.1 OpenIddict
Applied the change and fixed the if statement and still get the invalid_grant error.
Instead of us redirecting the user from the auth-server to tenant.auth-server then to the app. Is there a way for the app to persist the __tenant query string when the user gets redirected to /connect/authorize then to the /account/login?
HI,
Valid issuers is not the problem I am facing.
The issuer would have been the tenant version of the login page where as the app is using the authority.
How do I get an access token to share with you?
Hi,
Just sent an email with the logs and module classes.
Thanks
We are currently in the process of implementing multi tenancy but most likely have an odd domain setup.
Our customers will be able to go to exampleapp.com or tenant.exampleapp.com. If they go to the apex domain they will be asked to find their tenant. When the user is on the correct tenant e.g. tenant1.exampleapp.com they will have all the applications available (before logging in).
The user then clicks on an application and gets redirected to the application with the tenant in the query string e.g. app1.exampleapp.com?__tenant=tenantname. I have made a change where if the user is not already authenticated they will be redirected to auth server (exampleapp.com) with the tenant in the domain (tenant.exampleapp.com).
I have resolved the invalid issuer issue but now facing the invalid_grant error and not sure how to resolve this.
The main goal is to all the customer to have a vanity url to the landing page so it can be branded etc but the main applications (which there are 3 for our customers) are all on specific subdomains (app1, app2, app3.exampleapp.com). I have tried simply redirecting the user to the auth server with __tenant query string but the tenant gets lost in all the redirects.
