Activities of "chandra.lk"

Hi liangshiwei,

Finally was able to get it working.

After adding the ValidIssuers, I got one more exception IDX10500: Signature validation failed. No security keys were provided to validate the signature.

But I found out that a similar issue was posted on GitHub and user wangyue20075 provided a solution in his comment.

I still don't understand how this is working when it is being run locally but is failing when I deploy it using Docker Compose.

Thanks for your support!

4220 is the port of the AdministrationService, not the AuthServer. Shouldn't the AuthServer be the issuer of the token?

Also, if I do this for AdministrationService, I'll have to do the same for all other services as well.

Shouldn't we instead fix the place where ValidIssuers is getting populated?

Something like this in JwtBearerConfigurationHelper?

        context.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
            .AddAbpJwtBearer(options =>
            {
                options.Authority = configuration["AuthServer:Authority"];
                options.RequireHttpsMetadata = configuration.GetValue<bool>("AuthServer:RequireHttpsMetadata");
                options.Audience = audience;
                options.TokenValidationParameters.ValidIssuer = configuration["AuthServer:Authority"];
            });

Hi @liangshiwei,

I applied the middleware and checked the headers. They look fine to me:

2024-07-26 11:55:30 [06:25:30 INF] Request starting HTTP/2 GET https://iitvdi-01.aurelius.com:4220/api/abp/application-configuration?includeLocalizationResources=false - null null
2024-07-26 11:55:30 [06:25:30 INF] ----------Request header: Accept: application/json, text/plain, */*----------
2024-07-26 11:55:30 [06:25:30 INF] ----------Request header: Host: iitvdi-01.aurelius.com:4220----------
2024-07-26 11:55:30 [06:25:30 INF] ----------Request header: User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36----------
2024-07-26 11:55:30 [06:25:30 INF] ----------Request header: Accept-Encoding: gzip, deflate, br, zstd----------
2024-07-26 11:55:30 [06:25:30 INF] ----------Request header: Accept-Language: en----------
2024-07-26 11:55:30 [06:25:30 INF] ----------Request header: Origin: https://iitvdi-01.aurelius.com:4200----------
2024-07-26 11:55:30 [06:25:30 INF] ----------Request header: Referer: https://iitvdi-01.aurelius.com:4200/----------
2024-07-26 11:55:30 [06:25:30 INF] ----------Request header: traceparent: 00-db6439da47a5f9a3a68c416e9ca0df42-991e3a84d77fd408-00----------
2024-07-26 11:55:30 [06:25:30 INF] ----------Request header: sec-ch-ua: "Not/A)Brand";v="8", "Chromium";v="126", "Google Chrome";v="126"----------
2024-07-26 11:55:30 [06:25:30 INF] ----------Request header: X-Requested-With: XMLHttpRequest----------
2024-07-26 11:55:30 [06:25:30 INF] ----------Request header: sec-ch-ua-mobile: ?0----------
2024-07-26 11:55:30 [06:25:30 INF] ----------Request header: sec-ch-ua-platform: "Windows"----------
2024-07-26 11:55:30 [06:25:30 INF] ----------Request header: sec-fetch-site: same-site----------
2024-07-26 11:55:30 [06:25:30 INF] ----------Request header: sec-fetch-mode: cors----------
2024-07-26 11:55:30 [06:25:30 INF] ----------Request header: sec-fetch-dest: empty----------
2024-07-26 11:55:30 [06:25:30 INF] ----------Request header: priority: u=1, i----------
2024-07-26 11:55:30 [06:25:30 INF] ----------Request header: x-correlation-id: e28192efa89942d3b91d4fb3fe66cc75----------
2024-07-26 11:55:30 [06:25:30 INF] ----------Request header: x-forwarded-for: ::ffff:172.18.0.1----------
2024-07-26 11:55:30 [06:25:30 INF] ----------Request header: x-forwarded-host: iitvdi-01.aurelius.com:4250----------
2024-07-26 11:55:30 [06:25:30 INF] ----------Request header: x-forwarded-proto: https----------
2024-07-26 11:55:31 [06:25:31 INF] CORS policy execution successful.
2024-07-26 11:55:31 [06:25:31 INF] Executing endpoint 'Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationController.GetAsync (Volo.Abp.AspNetCore.Mvc)'
2024-07-26 11:55:31 [06:25:31 INF] Route matched with {area = "abp", action = "Get", controller = "AbpApplicationConfiguration", page = ""}. Executing controller action with signature System.Threading.Tasks.Task`1[Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.ApplicationConfigurationDto] GetAsync(Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.ApplicationConfigurationRequestOptions) on controller Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationController (Volo.Abp.AspNetCore.Mvc).
2024-07-26 11:55:34 [06:25:34 INF] Executing ObjectResult, writing value of type 'Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.ApplicationConfigurationDto'.
2024-07-26 11:55:35 [06:25:35 INF] Executed action Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationController.GetAsync (Volo.Abp.AspNetCore.Mvc) in 3115.8941ms
2024-07-26 11:55:35 [06:25:35 INF] Executed endpoint 'Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationController.GetAsync (Volo.Abp.AspNetCore.Mvc)'
2024-07-26 11:55:35 [06:25:35 INF] Request finished HTTP/2 GET https://iitvdi-01.aurelius.com:4220/api/abp/application-configuration?includeLocalizationResources=false - 200 null application/json; charset=utf-8 4779.9261ms
2024-07-26 11:55:35 [06:25:35 INF] Request starting HTTP/2 GET https://iitvdi-01.aurelius.com:4220/api/abp/application-localization?cultureName=en&onlyDynamics=false - null null
2024-07-26 11:55:35 [06:25:35 INF] ----------Request header: Accept: application/json, text/plain, */*----------
2024-07-26 11:55:35 [06:25:35 INF] ----------Request header: Host: iitvdi-01.aurelius.com:4220----------
2024-07-26 11:55:35 [06:25:35 INF] ----------Request header: User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36----------
2024-07-26 11:55:35 [06:25:35 INF] ----------Request header: Accept-Encoding: gzip, deflate, br, zstd----------
2024-07-26 11:55:35 [06:25:35 INF] ----------Request header: Accept-Language: en----------
2024-07-26 11:55:35 [06:25:35 INF] ----------Request header: Origin: https://iitvdi-01.aurelius.com:4200----------
2024-07-26 11:55:35 [06:25:35 INF] ----------Request header: Referer: https://iitvdi-01.aurelius.com:4200/----------
2024-07-26 11:55:35 [06:25:35 INF] ----------Request header: traceparent: 00-b696772ca4486b51c742f9c99f0518cd-64f4727199b68749-00----------
2024-07-26 11:55:35 [06:25:35 INF] ----------Request header: sec-ch-ua: "Not/A)Brand";v="8", "Chromium";v="126", "Google Chrome";v="126"----------
2024-07-26 11:55:35 [06:25:35 INF] ----------Request header: X-Requested-With: XMLHttpRequest----------
2024-07-26 11:55:35 [06:25:35 INF] ----------Request header: sec-ch-ua-mobile: ?0----------
2024-07-26 11:55:35 [06:25:35 INF] ----------Request header: sec-ch-ua-platform: "Windows"----------
2024-07-26 11:55:35 [06:25:35 INF] ----------Request header: sec-fetch-site: same-site----------
2024-07-26 11:55:35 [06:25:35 INF] ----------Request header: sec-fetch-mode: cors----------
2024-07-26 11:55:35 [06:25:35 INF] ----------Request header: sec-fetch-dest: empty----------
2024-07-26 11:55:35 [06:25:35 INF] ----------Request header: priority: u=1, i----------
2024-07-26 11:55:35 [06:25:35 INF] ----------Request header: x-correlation-id: dc7508954b15423ea1e5ec66a3e3fd55----------
2024-07-26 11:55:35 [06:25:35 INF] ----------Request header: x-forwarded-for: ::ffff:172.18.0.1----------
2024-07-26 11:55:35 [06:25:35 INF] ----------Request header: x-forwarded-host: iitvdi-01.aurelius.com:4250----------
2024-07-26 11:55:35 [06:25:35 INF] ----------Request header: x-forwarded-proto: https----------
2024-07-26 11:55:35 [06:25:35 INF] CORS policy execution successful.
2024-07-26 11:55:35 [06:25:35 INF] Executing endpoint 'Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationLocalizationController.GetAsync (Volo.Abp.AspNetCore.Mvc)'
2024-07-26 11:55:35 [06:25:35 INF] Route matched with {area = "abp", action = "Get", controller = "AbpApplicationLocalization", page = ""}. Executing controller action with signature System.Threading.Tasks.Task`1[Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.ApplicationLocalizationDto] GetAsync(Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.ApplicationLocalizationRequestDto) on controller Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationLocalizationController (Volo.Abp.AspNetCore.Mvc).
2024-07-26 11:55:36 [06:25:36 INF] Executing ObjectResult, writing value of type 'Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.ApplicationLocalizationDto'.
2024-07-26 11:55:36 [06:25:36 INF] Executed action Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationLocalizationController.GetAsync (Volo.Abp.AspNetCore.Mvc) in 865.8153ms
2024-07-26 11:55:36 [06:25:36 INF] Executed endpoint 'Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationLocalizationController.GetAsync (Volo.Abp.AspNetCore.Mvc)'
2024-07-26 11:55:36 [06:25:36 INF] Request finished HTTP/2 GET https://iitvdi-01.aurelius.com:4220/api/abp/application-localization?cultureName=en&onlyDynamics=false - 200 null application/json; charset=utf-8 904.8717ms
2024-07-26 11:56:19 [06:26:19 INF] Request starting HTTP/2 GET https://iitvdi-01.aurelius.com:4220/api/abp/application-configuration?includeLocalizationResources=false - null null
2024-07-26 11:56:19 [06:26:19 INF] ----------Request header: Accept: application/json, text/plain, */*----------
2024-07-26 11:56:19 [06:26:19 INF] ----------Request header: Host: iitvdi-01.aurelius.com:4220----------
2024-07-26 11:56:19 [06:26:19 INF] ----------Request header: User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36----------
2024-07-26 11:56:19 [06:26:19 INF] ----------Request header: Accept-Encoding: gzip, deflate, br, zstd----------
2024-07-26 11:56:19 [06:26:19 INF] ----------Request header: Accept-Language: en----------
2024-07-26 11:56:19 [06:26:19 INF] ----------Request header: Authorization: Bearer [token removed]----------
2024-07-26 11:56:19 [06:26:19 INF] ----------Request header: Origin: https://iitvdi-01.aurelius.com:4200----------
2024-07-26 11:56:19 [06:26:19 INF] ----------Request header: Referer: https://iitvdi-01.aurelius.com:4200/----------
2024-07-26 11:56:19 [06:26:19 INF] ----------Request header: traceparent: 00-a702f850d9d803ccf7f8f442022f01c2-54e4309c0331a141-00----------
2024-07-26 11:56:19 [06:26:19 INF] ----------Request header: sec-ch-ua: "Not/A)Brand";v="8", "Chromium";v="126", "Google Chrome";v="126"----------
2024-07-26 11:56:19 [06:26:19 INF] ----------Request header: sec-ch-ua-mobile: ?0----------
2024-07-26 11:56:19 [06:26:19 INF] ----------Request header: X-Requested-With: XMLHttpRequest----------
2024-07-26 11:56:19 [06:26:19 INF] ----------Request header: sec-ch-ua-platform: "Windows"----------
2024-07-26 11:56:19 [06:26:19 INF] ----------Request header: sec-fetch-site: same-site----------
2024-07-26 11:56:19 [06:26:19 INF] ----------Request header: sec-fetch-mode: cors----------
2024-07-26 11:56:19 [06:26:19 INF] ----------Request header: sec-fetch-dest: empty----------
2024-07-26 11:56:19 [06:26:19 INF] ----------Request header: priority: u=1, i----------
2024-07-26 11:56:19 [06:26:19 INF] ----------Request header: x-correlation-id: 43ab9156761a45f68515e05a1131336e----------
2024-07-26 11:56:19 [06:26:19 INF] ----------Request header: x-forwarded-for: ::ffff:172.18.0.1----------
2024-07-26 11:56:19 [06:26:19 INF] ----------Request header: x-forwarded-host: iitvdi-01.aurelius.com:4250----------
2024-07-26 11:56:19 [06:26:19 INF] ----------Request header: x-forwarded-proto: https----------
2024-07-26 11:56:19 [06:26:19 INF] CORS policy execution successful.
2024-07-26 11:56:19 [06:26:19 INF] Failed to validate the token.
2024-07-26 11:56:19 Microsoft.IdentityModel.Tokens.SecurityTokenInvalidIssuerException: IDX10204: Unable to validate issuer. validationParameters.ValidIssuer is null or whitespace AND validationParameters.ValidIssuers is null or empty.
2024-07-26 11:56:19    at Microsoft.IdentityModel.Tokens.Validators.ValidateIssuerAsync(String issuer, SecurityToken securityToken, TokenValidationParameters validationParameters, BaseConfiguration configuration)
2024-07-26 11:56:19    at Microsoft.IdentityModel.Tokens.Validators.ValidateIssuer(String issuer, SecurityToken securityToken, TokenValidationParameters validationParameters, BaseConfiguration configuration)
2024-07-26 11:56:19    at Microsoft.IdentityModel.Tokens.InternalValidators.ValidateAfterSignatureFailed(SecurityToken securityToken, Nullable`1 notBefore, Nullable`1 expires, IEnumerable`1 audiences, TokenValidationParameters validationParameters, BaseConfiguration configuration)
2024-07-26 11:56:19    at Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.ValidateSignature(JsonWebToken jwtToken, TokenValidationParameters validationParameters, BaseConfiguration configuration)
2024-07-26 11:56:19    at Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.ValidateSignatureAndIssuerSecurityKey(JsonWebToken jsonWebToken, TokenValidationParameters validationParameters, BaseConfiguration configuration)
2024-07-26 11:56:19    at Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.ValidateJWSAsync(JsonWebToken jsonWebToken, TokenValidationParameters validationParameters, BaseConfiguration configuration)
2024-07-26 11:56:19 [06:26:19 INF] Bearer was not authenticated. Failure message: IDX10204: Unable to validate issuer. validationParameters.ValidIssuer is null or whitespace AND validationParameters.ValidIssuers is null or empty.
2024-07-26 11:56:19 [06:26:19 INF] Executing endpoint 'Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationController.GetAsync (Volo.Abp.AspNetCore.Mvc)'
2024-07-26 11:56:19 [06:26:19 INF] Route matched with {area = "abp", action = "Get", controller = "AbpApplicationConfiguration", page = ""}. Executing controller action with signature System.Threading.Tasks.Task`1[Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.ApplicationConfigurationDto] GetAsync(Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.ApplicationConfigurationRequestOptions) on controller Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationController (Volo.Abp.AspNetCore.Mvc).
2024-07-26 11:56:19 [06:26:19 INF] Executing ObjectResult, writing value of type 'Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.ApplicationConfigurationDto'.
2024-07-26 11:56:19 [06:26:19 INF] Executed action Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationController.GetAsync (Volo.Abp.AspNetCore.Mvc) in 231.1951ms
2024-07-26 11:56:19 [06:26:19 INF] Executed endpoint 'Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationController.GetAsync (Volo.Abp.AspNetCore.Mvc)'
2024-07-26 11:56:19 [06:26:19 INF] Request finished HTTP/2 GET https://iitvdi-01.aurelius.com:4220/api/abp/application-configuration?includeLocalizationResources=false - 200 null application/json; charset=utf-8 576.7826ms

I have a doubt, however. In one of the referenced tickets you have mentioned:

validationParameters.ValidIssuer will be set as request.Scheme + Uri.SchemeDelimiter + host + request.PathBase

Is this set by some module in ABP Framework, or will it be set by .NET 8.0 or some other library?

I also see that the same request (Request starting HTTP/2 GET https://iitvdi-01.aurelius.com:4220/api/abp/application-configuration?includeLocalizationResources=false) is successful, but when it is called again, it throws an exception.
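
Added example, not part of the original post: a Python triage of the log format shown above. It groups lines per request and reports whether a bearer token was present, which IDX codes were logged, and the issuer that the quoted rule (scheme + host, PathBase assumed empty) would yield from Host versus x-forwarded-host. The sample log is constructed with placeholder hosts and token, and the function and field names are hypothetical.

```python
import re

# Constructed sample in the log format above; hosts and token are placeholders.
SAMPLE_LOG = """\
2024-07-26 11:55:30 [06:25:30 INF] Request starting HTTP/2 GET https://svc.example.test:4220/api/abp/application-configuration - null null
2024-07-26 11:55:30 [06:25:30 INF] ----------Request header: Host: svc.example.test:4220----------
2024-07-26 11:55:30 [06:25:30 INF] ----------Request header: x-forwarded-host: svc.example.test:4250----------
2024-07-26 11:55:35 [06:25:35 INF] Request finished HTTP/2 GET https://svc.example.test:4220/api/abp/application-configuration - 200 null application/json; charset=utf-8 4779.9261ms
2024-07-26 11:56:19 [06:26:19 INF] Request starting HTTP/2 GET https://svc.example.test:4220/api/abp/application-configuration - null null
2024-07-26 11:56:19 [06:26:19 INF] ----------Request header: Host: svc.example.test:4220----------
2024-07-26 11:56:19 [06:26:19 INF] ----------Request header: Authorization: Bearer PLACEHOLDER.TOKEN.VALUE----------
2024-07-26 11:56:19 [06:26:19 INF] ----------Request header: x-forwarded-host: svc.example.test:4250----------
2024-07-26 11:56:19 [06:26:19 INF] ----------Request header: x-forwarded-proto: https----------
2024-07-26 11:56:19 [06:26:19 INF] Bearer was not authenticated. Failure message: IDX10204: Unable to validate issuer.
2024-07-26 11:56:19 [06:26:19 INF] Request finished HTTP/2 GET https://svc.example.test:4220/api/abp/application-configuration - 200 null application/json; charset=utf-8 576.7826ms
"""

START = re.compile(r"Request starting \S+ (\w+) (\S+)")
HEADER = re.compile(r"-+Request header: ([^:]+): (.*?)-+$")
FINISH = re.compile(r"Request finished \S+ \w+ \S+ - (\d{3}) ")
IDX = re.compile(r"\b(IDX\d{5})\b")

def triage(log_text):
    """Summarise each request: bearer flag, IDX codes, status, issuer per quoted rule."""
    requests, cur = [], None
    for line in log_text.splitlines():
        if m := START.search(line):
            cur = {"url": m.group(2), "headers": {}, "bearer": False, "idx": set(), "status": None}
            requests.append(cur)
        elif cur is None:
            continue
        elif m := HEADER.search(line):
            name, value = m.group(1).lower(), m.group(2)
            if name == "authorization":
                cur["bearer"] = value.lower().startswith("bearer ")  # flag only, never the token
            else:
                cur["headers"][name] = value
        elif m := FINISH.search(line):
            cur["status"] = int(m.group(1))
            cur = None
        else:
            cur["idx"].update(IDX.findall(line))
    for r in requests:
        h = r.pop("headers")
        scheme = r["url"].split(":", 1)[0]
        r["issuer_from_host"] = f"{scheme}://{h.get('host')}"
        r["issuer_from_forwarded"] = f"{h.get('x-forwarded-proto', scheme)}://{h.get('x-forwarded-host', h.get('host'))}"
        r["idx"] = sorted(r["idx"])
    return requests
```

On the constructed sample both requests finish with 200, but only the one carrying a bearer token logs IDX10204.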

How and where should I add this middleware? Could you please provide some more info?

Hi @liangshiwei,

I checked those before and had added the ForwardedHeaders in the Gateway project. Do I need to add them to all the projects?
