Activities of "bhasinp"

Also, if you can suggest how we can do the following, which would satisfy the case of authentication/antiforgery and Azure AD:

Once the Angular app navigates to the API for auth, that navigation should happen in a popup, and the token will be passed back to Angular after authentication in the popup.

  • ABP Framework version: v7.2.2
  • UI type: Angular
  • DB provider: EF Core
  • Tiered (MVC) or Identity Server Separated (Angular): yes
  • Exception message and stack trace:
  • Steps to reproduce the issue:
  1. AzureOpenId auth login
  2. Registered AddOpenIdConnect("AzureOpenId", "Azure AD OpenId"
  3. Angular login flow responseType: 'code'

The app is working well; login, auth token, etc. all work well.

The use case is that I want to use the app in an iframe as well. For this I enabled:

app.Use(async (context, next) =>
{
    context.Response.Headers.Add("Content-Security-Policy", "frame-ancestors https://xyz.com");
    await next();
});

The iframe is loading the login page correctly, but the issue is that when I click on the login button it throws a 400 Bad Request exception, which is due to the antiforgery cookie.

Log

2023-09-26 16:36:47.704 +05:30 [INF] Executing endpoint '/Account/Login'
2023-09-26 16:36:47.704 +05:30 [INF] Route matched with {page = "/Account/Login", action = "", controller = "", area = ""}. Executing page /Account/Login
2023-09-26 16:36:47.704 +05:30 [INF] Skipping the execution of current filter as its not the most effective filter implementing the policy Microsoft.AspNetCore.Mvc.ViewFeatures.IAntiforgeryPolicy
2023-09-26 16:36:47.708 +05:30 [INF] Antiforgery token validation failed. The required antiforgery cookie ".AspNetCore.Antiforgery.jZ1YYv9-FIY" is not present.
Microsoft.AspNetCore.Antiforgery.AntiforgeryValidationException: The required antiforgery cookie ".AspNetCore.Antiforgery.jZ1YYv9-FIY" is not present.
   at Microsoft.AspNetCore.Antiforgery.DefaultAntiforgery.ValidateRequestAsync(HttpContext httpContext)
   at Microsoft.AspNetCore.Mvc.ViewFeatures.Filters.ValidateAntiforgeryTokenAuthorizationFilter.OnAuthorizationAsync(AuthorizationFilterContext context)
2023-09-26 16:36:47.709 +05:30 [INF] Authorization failed for the request at filter 'Microsoft.AspNetCore.Mvc.ViewFeatures.Filters.AutoValidateAntiforgeryTokenAuthorizationFilter'.
2023-09-26 16:36:47.715 +05:30 [INF] Executing StatusCodeResult, setting HTTP status code 400
2023-09-26 16:36:47.715 +05:30 [INF] Executed page /Account/Login in 10.3035ms
2023-09-26 16:36:47.715 +05:30 [INF] Executed endpoint '/Account/Login'

How can I fix this in the iframe?

But first, please give me some suggestions as to why the Angular route is not loading.

When the app gets redirected to Angular, the app.component.ts file gets invoked and I am able to fetch the user information as well, but after that the route is not selected and Angular ends up with a blank page.

I have registered the '' empty route as well, but it is not invoked.

Manual redirection to url:4200 results in 4200 redirecting back to the login screen, as 4200 will require an auth token as well:
url:4200/?code=Z7wwL72n7QA2VteW90GLPRCbqm16Fxek6aAAKCDrEi0&state=S0huNWk5QWJaVUhqMVc4aVRmOW5sWWN-NG5kQnJOa3pHb3NXWmxvUUhGeHpW;%252F&iss=https%3A%2F%2Furl.com%3A44368%2F

Also, when I directly open the authserver login page (not via Angular redirection), it shows the login page without any client info in the URL. After auth it navigates me to the Swagger UI. I changed the redirect URLs for the swagger client in openiddict/Applications, but it still loads /swagger/index.html after auth. How can I force it to always navigate to the Angular app in either case?

Thanks for the quick reply.

Yes, I totally agree it's authenticated by the authserver, and my authserver is configured with AD. All token-related things are working well; my local registered users and AD users are both getting logged in correctly.

But the issue is that when I get navigated back to Angular with either a local user auth token or an AD auth token, in both cases my Angular app shows a blank page. When I hit the browser refresh, it loads the actual Angular app correctly.

Is there anything I am missing on the Angular side?

Hi team, this resolved the issue. Thanks.

But when I navigate back to Angular it doesn't load automatically, i.e. url/4200 is navigated to correctly and is authenticated, but I need to click on browser refresh for Angular to load correctly.

If you can join me on a call, that could help us resolve this issue quickly.

Just tried this as well, but same issue.

When we enable responseType: 'code', does it directly target Azure AD, or will it first try to go to the local API endpoint?

I think it's getting stuck at the local API redirection, not on AD, because the API which is throwing the error is local, not Azure AD.

Verified this as well and same issue.
