hi
You only need to add AddAbpOpenIdConnect for the projects that use OpenIdConnect.
I want it like this: if I create a tenant named smc, then the URLs are smc.web.domain.com and smc.auth.domain.com.
But when I click the login button on smc.web.domain.com, it redirects to auth.domain.com and throws a 400: https://auth.domain.com/Error?httpStatusCode=400
In the Auth project logs:
2024-02-21 13:38:35.147 +05:30 [INF] Request finished HTTP/1.1 GET https://auth.domain.com/.well-known/jwks - 200 1667 application/json;charset=UTF-8 14.1696ms 2024-02-21 13:38:39.349 +05:30 [INF] Request starting HTTP/2 GET https://auth.domain.com/connect/authorize?client_id=TestIdentity&redirect_uri=https%3A%2F%2Fsmc.web.domain.com%2Fsignin-oidc&response_type=code%20id_token&scope=openid%20profile%20roles%20email%20phone%20TestIdentity&response_mode=form_post&nonce=638440997151617322.ZTA2NTc1OWUtZTE0NS00ZjU0LWIyZjktZjU1ZWFlM2ExY2JhZDM0YjMxNGMtZWUwOC00YTJhLWE1NjgtM2M5ODU2NzhhNzIz&state=CfDJ8JByH2MkMuNNl3sV5fVf9nQ9ClPWZshJc5L3ihk5XA6cYJO8E0NXUtAdYFccsFRcCeSFIZ179gYHlU6firu6HkGCNjBlBiUM31kXS2GHJH2QLp7YOhtAa68iww6sv0wJOnntlRFQEIl8PFuhqGal5iLh6sFO10P3iMJ5frqaUiNEePfJfAEXUrp7hLp2457kLv6r82VdrGwEWqWloM_ZxOv9CA3lELinNxGPPl0gEyV77h96GfIlsOSloAV8G1y9XSzV-Nv43zfxOG5pTbe30bOasTmTNDJZdq6ha0i16I6oI1GP8nd8zyeLzxVyycZtbA&x-client-SKU=ID_NET8_0&x-client-ver=7.0.3.0 - null null 2024-02-21 13:38:39.351 +05:30 [INF] The request URI matched a server endpoint: "Authorization". 2024-02-21 13:38:39.356 +05:30 [INF] The authorization request was successfully extracted: { "client_id": "TestIdentity", "redirect_uri": "https://smc.web.domain.com/signin-oidc", "response_type": "code id_token", "scope": "openid profile roles email phone TestIdentity", "response_mode": "form_post", "nonce": "638440997151617322.ZTA2NTc1OWUtZTE0NS00ZjU0LWIyZjktZjU1ZWFlM2ExY2JhZDM0YjMxNGMtZWUwOC00YTJhLWE1NjgtM2M5ODU2NzhhNzIz", "state": "CfDJ8JByH2MkMuNNl3sV5fVf9nQ9ClPWZshJc5L3ihk5XA6cYJO8E0NXUtAdYFccsFRcCeSFIZ179gYHlU6firu6HkGCNjBlBiUM31kXS2GHJH2QLp7YOhtAa68iww6sv0wJOnntlRFQEIl8PFuhqGal5iLh6sFO10P3iMJ5frqaUiNEePfJfAEXUrp7hLp2457kLv6r82VdrGwEWqWloM_ZxOv9CA3lELinNxGPPl0gEyV77h96GfIlsOSloAV8G1y9XSzV-Nv43zfxOG5pTbe30bOasTmTNDJZdq6ha0i16I6oI1GP8nd8zyeLzxVyycZtbA", "x-client-SKU": "ID_NET8_0", "x-client-ver": "7.0.3.0" }. 
2024-02-21 13:38:39.586 +05:30 [INF] Client validation failed because 'https://smc.web.domain.com/signin-oidc' was not a valid redirect_uri for TestIdentity. 2024-02-21 13:38:39.586 +05:30 [INF] The authorization request was rejected because the redirect_uri was invalid: 'https://smc.web.domain.com/signin-oidc'. 2024-02-21 13:38:39.597 +05:30 [INF] Request finished HTTP/2 GET https://auth.domain.com/connect/authorize?client_id=TestIdentity&redirect_uri=https%3A%2F%2Fsmc.web.domain.com%2Fsignin-oidc&response_type=code%20id_token&scope=openid%20profile%20roles%20email%20phone%20TestIdentity&response_mode=form_post&nonce=638440997151617322.ZTA2NTc1OWUtZTE0NS00ZjU0LWIyZjktZjU1ZWFlM2ExY2JhZDM0YjMxNGMtZWUwOC00YTJhLWE1NjgtM2M5ODU2NzhhNzIz&state=CfDJ8JByH2MkMuNNl3sV5fVf9nQ9ClPWZshJc5L3ihk5XA6cYJO8E0NXUtAdYFccsFRcCeSFIZ179gYHlU6firu6HkGCNjBlBiUM31kXS2GHJH2QLp7YOhtAa68iww6sv0wJOnntlRFQEIl8PFuhqGal5iLh6sFO10P3iMJ5frqaUiNEePfJfAEXUrp7hLp2457kLv6r82VdrGwEWqWloM_ZxOv9CA3lELinNxGPPl0gEyV77h96GfIlsOSloAV8G1y9XSzV-Nv43zfxOG5pTbe30bOasTmTNDJZdq6ha0i16I6oI1GP8nd8zyeLzxVyycZtbA&x-client-SKU=ID_NET8_0&x-client-ver=7.0.3.0 - 302 null null 247.1638ms 2024-02-21 13:38:39.600 +05:30 [INF] Request starting HTTP/2 GET https://auth.domain.com/Error?httpStatusCode=400 - null null
hi
https://github.com/abpframework/abp-samples/blob/master/DomainTenantResolver/MVC-TIERED/src/Acme.BookStore.Web/BookStoreWebModule.cs#L145-L177
Do I have to add it in both Web and HttpApi.Host?
    .AddAbpOpenIdConnect("oidc", options =>
    {
        options.Authority = configuration["AuthServer:Authority"];
        options.RequireHttpsMetadata = configuration.GetValue<bool>("AuthServer:RequireHttpsMetadata");
        options.ResponseType = OpenIdConnectResponseType.CodeIdToken;

        options.ClientId = configuration["AuthServer:ClientId"];
        options.ClientSecret = configuration["AuthServer:ClientSecret"];

        options.UsePkce = true;
        options.SaveTokens = true;
        options.GetClaimsFromUserInfoEndpoint = true;

        options.Scope.Add("roles");
        options.Scope.Add("email");
        options.Scope.Add("phone");
        options.Scope.Add("TestIdentity");

        options.Events.OnRedirectToIdentityProviderForSignOut = redirectContext =>
        {
            var currentTenant = redirectContext.HttpContext.RequestServices.GetRequiredService<ICurrentTenant>();
            if (currentTenant.IsAvailable)
            {
                //https://ids.getabp.net:44301
                redirectContext.ProtocolMessage.IssuerAddress =
                    redirectContext.ProtocolMessage.IssuerAddress.Replace("ids",
                        $"{currentTenant.Name}.ids");
            }
            return Task.CompletedTask;
        };
        options.Events.OnRedirectToIdentityProvider = options.Events.OnRedirectToIdentityProviderForSignOut;
    });
Created the project using ABP Suite with public site, CMS, tiered and separate tenant schema.
I want different URLs for tenants; for that I configured:
In the Auth project:
    PreConfigure<AbpOpenIddictWildcardDomainOptions>(options =>
    {
        options.EnableWildcardDomainSupport = true;
        options.WildcardDomainsFormat.Add("https://{0}.auth.domain.com");
    });
and
    Configure<AbpTenantResolveOptions>(options =>
    {
        options.AddDomainTenantResolver("{0}.auth.domain.com");
    });
In the Web project:
    Configure<AbpTenantResolveOptions>(options =>
    {
        options.AddDomainTenantResolver("{0}.web.domain.com");
    });
In HttpApi.Host:
    Configure<AbpTenantResolveOptions>(options =>
    {
        options.AddDomainTenantResolver("{0}.api.domain.com");
    });
Now I want to add it in OpenIdConnect.
In this I added URLs for:
Application Type: Web
ClientUrl: https://web.domain.com/
Redirect Uris: https://web.domain.com/signin-oidc
Post Logout Redirect Uris: https://web.domain.com/signout-callback-oidc
How do I configure dynamic tenant-wise URLs in this?
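A simplified model of what a wildcard redirect_uri check has to enforce, added here as an example; it is not part of the original thread and is not ABP's or OpenIddict's code. The `{0}` formats that include a path and the `example.net` inputs are constructed from the host names used in the thread.

```csharp
using System;
using System.Linq;
using System.Text.RegularExpressions;

// Added illustration: a simplified wildcard redirect_uri check.
// This is NOT the ABP or OpenIddict implementation.
public static class WildcardRedirectUri
{
    // The tenant part must be exactly one DNS label: no dots, slashes, '?' or '@'.
    private static readonly Regex Label =
        new Regex(@"^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\z", RegexOptions.CultureInvariant);

    public static bool Matches(string format, string redirectUri)
    {
        var parts = format.Split(new[] { "{0}" }, StringSplitOptions.None);
        if (parts.Length != 2) return false;              // exactly one placeholder
        var (prefix, suffix) = (parts[0], parts[1]);
        if (redirectUri.Length <= prefix.Length + suffix.Length) return false;
        if (!redirectUri.StartsWith(prefix, StringComparison.Ordinal)) return false;
        if (!redirectUri.EndsWith(suffix, StringComparison.Ordinal)) return false;
        var tenant = redirectUri.Substring(
            prefix.Length, redirectUri.Length - prefix.Length - suffix.Length);
        return Label.IsMatch(tenant);
    }

    public static bool IsAllowed(string[] formats, string redirectUri) =>
        formats.Any(f => Matches(f, redirectUri));

    public static void Main()
    {
        // Constructed inputs; only the host names come from the thread.
        var authOnly = new[] { "https://{0}.auth.domain.com" };
        var withWeb = new[]
        {
            "https://{0}.web.domain.com/signin-oidc",
            "https://{0}.web.domain.com/signout-callback-oidc",
        };
        var candidates = new[]
        {
            "https://smc.web.domain.com/signin-oidc",             // tenant sub-domain
            "https://a.b.web.domain.com/signin-oidc",             // more than one label
            "https://smc.web.domain.com.example.net/signin-oidc", // different registrable domain
            "https://example.net/x?.web.domain.com/signin-oidc",  // suffix hidden in the query
            "http://smc.web.domain.com/signin-oidc",              // wrong scheme
        };
        foreach (var c in candidates)
            Console.WriteLine($"{c}\n  auth-only: {IsAllowed(authOnly, c)}  with-web: {IsAllowed(withWeb, c)}");
    }
}
```

Only the first candidate is accepted, and only when a format for the web host is in the list; with just the auth-host format every candidate is rejected.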
Hi,
Do I have to add this line for all entities and in all modules? It's not like that in ABP 5.2.1.
No. Usually ExtraProperties has a default value, which should not be null. I'm guessing this might have something to do with your code, but I don't know the details.
I am using this for bulk inserting data, and I do not pass ExtraProperties in it:
    public async Task BulkInsert<TEntity>(IEnumerable<TEntity> entities, params string[] properties)
    {
        var dbcontext = await GetDbContextAsync().ConfigureAwait(false);
        using var connection = new NpgsqlConnection(dbcontext.Database.GetDbConnection().ConnectionString);
        var mapping = dbcontext.Model.FindEntityType(typeof(TEntity));
        const string schema = "public";// mapping.GetSchema();
        var tableName = mapping.GetTableName();
        string query = $"Insert into \"{schema}\".\"{tableName}\" ({properties.Select(p => "\"" + p + "\"").ToCSV()}) values ({properties.Select(p => "@" + p).ToCSV()})";
        _ = await connection.ExecuteAsync(query, entities).ConfigureAwait(false);
    }
And it works fine in ABP 5.2.1.
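A pre-flight check for a hand-built INSERT like the one above, added here as an example that is not part of the original thread. It rejects column names that are not mapped (the names are interpolated into the SQL text, so only known columns should reach it) and reports NOT NULL columns the caller left out. `ColumnInfo`, `BulkInsertPreflight` and the column metadata are constructed for illustration, not read from a real ABP model.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// Added illustration; the column metadata below is constructed.
public record ColumnInfo(string Name, bool IsNullable, bool HasDatabaseDefault);

public static class BulkInsertPreflight
{
    // Returns the reasons the INSERT must not be built, or an empty list.
    public static List<string> Check(IReadOnlyCollection<ColumnInfo> mapped, string[] requested)
    {
        var problems = new List<string>();
        var known = new HashSet<string>(mapped.Select(c => c.Name), StringComparer.Ordinal);

        // Column names end up inside the SQL text, so accept mapped names only.
        foreach (var name in requested.Where(n => !known.Contains(n)))
            problems.Add($"'{name}' is not a mapped column");

        // A NOT NULL column with no database default must be in the list,
        // otherwise PostgreSQL rejects the row with error 23502.
        foreach (var col in mapped)
            if (!col.IsNullable && !col.HasDatabaseDefault && !requested.Contains(col.Name))
                problems.Add($"NOT NULL column '{col.Name}' is missing and has no default");

        return problems;
    }

    public static void Main()
    {
        // Constructed subset of the TempLayer table discussed in the thread.
        var tempLayer = new[]
        {
            new ColumnInfo("Id", false, true),
            new ColumnInfo("LayerName", false, false),
            new ColumnInfo("IsSync", false, true),
            new ColumnInfo("ExtraProperties", false, false),
            new ColumnInfo("TenantId", true, false),
        };
        var requested = new[] { "LayerName", "IsSync", "NoSuchColumn" };

        foreach (var problem in Check(tempLayer, requested))
            Console.WriteLine(problem);
    }
}
```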
Hi,
Is this working for you?
    builder.Entity<TempLayer>(b =>
    {
        b.ToTable(SGLLayerManagementConsts.DbTablePrefix + nameof(TempLayer));
        b.ConfigureByConvention();
        b.HasKey(e => e.Id);
        b.Property(e => e.Id).AutoGenerateGuidNpgSql();
        b.HasKey(e => e.TempLayerId);
        b.Property(e => e.TempLayerId).AutoGenerateGuidNpgSql();
        b.Property(e => e.LayerName)
            .IsRequired();
        b.Property(e => e.BoundX1)
            .IsRequired();
        b.Property(e => e.BoundX2)
            .IsRequired();
        b.Property(e => e.BoundY1)
            .IsRequired();
        b.Property(e => e.BoundY2)
            .IsRequired();
        b.Property(e => e.IsSync)
            .IsRequired()
            .HasDefaultValue(true);
        b.Property(e => e.IsQueryable)
            .IsRequired()
            .HasDefaultValue(true);
        b.HasMany(e => e.LayerFields)
            .WithOne(e => e.Layer)
            .HasForeignKey(e => e.LayerId);
        b.ApplyObjectExtensionMappings();
        b.Property(e => e.ExtraProperties).IsRequired(false); // add this line
    });
Add&Apply new migration.
Do I have to add this line for all entities and in all modules? It's not like that in ABP 5.2.1.
I am migrating custom modules' code from ABP 5.2.1 to ABP 8.0.2. When I migrate, then:
    builder.Entity<TempLayer>(b =>
    {
        b.ToTable(SGLLayerManagementConsts.DbTablePrefix + nameof(TempLayer));
        b.ConfigureByConvention();
        b.HasKey(e => e.Id);
        b.Property(e => e.Id).AutoGenerateGuidNpgSql();
        b.HasKey(e => e.TempLayerId);
        b.Property(e => e.TempLayerId).AutoGenerateGuidNpgSql();
        b.Property(e => e.LayerName)
            .IsRequired();
        b.Property(e => e.BoundX1)
            .IsRequired();
        b.Property(e => e.BoundX2)
            .IsRequired();
        b.Property(e => e.BoundY1)
            .IsRequired();
        b.Property(e => e.BoundY2)
            .IsRequired();
        b.Property(e => e.IsSync)
            .IsRequired()
            .HasDefaultValue(true);
        b.Property(e => e.IsQueryable)
            .IsRequired()
            .HasDefaultValue(true);
        b.HasMany(e => e.LayerFields)
            .WithOne(e => e.Layer)
            .HasForeignKey(e => e.LayerId);
        b.ApplyObjectExtensionMappings();
    });
    builder.Entity<TempLayerField>(b =>
    {
        b.ToTable(SGLLayerManagementConsts.DbTablePrefix + nameof(TempLayerField));
        b.ConfigureByConvention();
        b.HasKey(e => e.Id);
        b.Property(e => e.Id).AutoGenerateGuidNpgSql();
        b.Property(e => e.LayerFieldName)
            .IsRequired();
        b.Property(e => e.TableName)
            .IsRequired();
        b.Property(e => e.AreSame)
            .IsRequired()
            .HasDefaultValue(false);
        b.HasOne(e => e.Layer)
            .WithMany(e => e.LayerFields)
            .HasForeignKey(e => e.LayerId);
    });
The TempLayer class is AuditedAggregateRoot<Guid> & IMultiTenant. When I insert data into it using EF Core, it throws the error below:
23502: null value in column "ExtraProperties" violates not-null constraint DETAIL: Detail redacted as it may contain sensitive data. Specify 'Include Error Detail' in the connection string to include this information.
OK, thank you for the support. It works.
    [ConnectionStringName("Default")]
    public class ULBIDCDbContext : AbpDbContext<ULBIDCDbContext>
    {
        public ULBIDCDbContext(DbContextOptions<ULBIDCDbContext> options)
            : base(options)
        {
        }

        protected override void OnModelCreating(ModelBuilder builder)
        {
            base.OnModelCreating(builder);

            /* Include modules to your migration db context */
            builder.ConfigurePermissionManagement();
            builder.ConfigureSettingManagement();
            builder.ConfigureBackgroundJobs();
            builder.ConfigureAuditLogging();
            builder.ConfigureIdentityPro();
            builder.ConfigureOpenIddictPro();
            builder.ConfigureFeatureManagement();
            builder.ConfigureLanguageManagement();
            builder.ConfigureSaas();
            builder.ConfigureTextTemplateManagement();
            builder.ConfigureBlobStoring();
            builder.ConfigureGdpr();
        }
    }
    [ConnectionStringName("AbpIdentityServer")]
    [ReplaceDbContext(typeof(IIdentityProDbContext))]
    [ReplaceDbContext(typeof(ISaasDbContext))]
    public class IdentityServerDbContext :
        AbpDbContext<IdentityServerDbContext>,
        IIdentityProDbContext,
        ISaasDbContext
    {
        public IdentityServerDbContext(DbContextOptions<IdentityServerDbContext> options)
            : base(options)
        {
        }

        #region Entities from the modules

        // Identity
        public DbSet<IdentityUser> Users { get; set; }
        public DbSet<IdentityRole> Roles { get; set; }
        public DbSet<IdentityClaimType> ClaimTypes { get; set; }
        public DbSet<OrganizationUnit> OrganizationUnits { get; set; }
        public DbSet<IdentitySecurityLog> SecurityLogs { get; set; }
        public DbSet<IdentityLinkUser> LinkUsers { get; set; }
        public DbSet<IdentityUserDelegation> UserDelegations { get; set; }

        // SaaS
        public DbSet<Tenant> Tenants { get; set; }
        public DbSet<Edition> Editions { get; set; }
        public DbSet<TenantConnectionString> TenantConnectionStrings { get; set; }

        #endregion
    }
Like this?
It works, but when I log in to the application it does not show the logout and other options in the menu; it only shows the personal data option.
But I have the Auth Server in a different solution and the application in a different solution. I don't want to use the same database because I have 3 other applications as well. I want a common Auth Server for all applications, so I want a different database for the Auth Server, and the applications have their own databases.
Then how can I change the DbContext so that Identity uses the AbpIdentityServer database and ULB uses the default connection string?