Activities of "duyan11110"

Hi,

In which module should I try that code?

• ABP Framework version: v7.0.3
• UI type: MVC
• DB provider: EF Core
• Tiered (MVC) or Identity Server Separated (Angular): yes
• Exception message and stack trace:
• Steps to reproduce the issue:" I tried to increase user session timeout but not successfully. I searched and added this code to both AuthServerModule and WebModule but no luck, the session is still expired after ~ 60 minutes (I guess). Pls help:

context.Services.ConfigureApplicationCookie(options =>
        {
            options.ExpireTimeSpan = TimeSpan.FromDays(1);
        });
        context.Services.Configure<SecurityStampValidatorOptions>(options =>
        {
            options.ValidationInterval = TimeSpan.FromDays(1);
        });

Hi,

Thank you so much for your prompt support. It works now.

I use HTTP not HTTPS. In AdministrationService, it has the same setting and work fine (no need HTTPS).

"AuthServer": {
    "Authority": "http://authserver:7000",
    "RequireHttpsMetadata": "false",
    "SwaggerClientId": "WebGateway_Swagger.DockerHttp"
  },
  "RemoteServices": {
    "AbpIdentity": {
      "BaseUrl": "http://identityservice.httpapi.host:7002/",
      "UseCurrentAccessToken": "false"
    }
  },
  "IdentityClients": {
    "Default": {
      "GrantType": "client_credentials",
      "ClientId": "AdministrationService.DockerHttp",
      "ClientSecret": "1q2w3e*",
      "Authority": "http://authserver:7000",
      "Scope": "IdentityService"
    }
  },

• ABP Framework version: 7.0.3
• UI type: MVC
• DB provider: EF Core
• Tiered (MVC) or Identity Server Separated (Angular): yes
• Exception message and stack trace: Could not retrieve the OpenId Connect discovery document! ErrorType: Exception. Error: Error connecting to http://authserver:7000/.well-known/openid-configuration. HTTPS required. Volo.Abp.AbpException: Could not retrieve the OpenId Connect discovery document! ErrorType: Exception. Error: Error connecting to http:/authserver:7000/.well-known/openid-configuration. HTTPS required. at Volo.Abp.IdentityModel.IdentityModelAuthenticationService.GetDiscoveryResponse(IdentityClientConfiguration configuration) at Volo.Abp.IdentityModel.IdentityModelAuthenticationService.CreateClientCredentialsTokenRequestAsync(IdentityClientConfiguration configuration) at Volo.Abp.IdentityModel.IdentityModelAuthenticationService.GetTokenResponse(IdentityClientConfiguration configuration) at Volo.Abp.IdentityModel.IdentityModelAuthenticationService.GetAccessTokenAsync(IdentityClientConfiguration configuration) at Volo.Abp.IdentityModel.IdentityModelAuthenticationService.GetAccessTokenOrNullAsync(String identityClientName) at Volo.Abp.IdentityModel.IdentityModelAuthenticationService.TryAuthenticateAsync(HttpClient client, String identityClientName) at Volo.Abp.Http.Client.IdentityModel.IdentityModelRemoteServiceHttpClientAuthenticator.Authenticate(RemoteServiceHttpClientAuthenticateContext context) at Volo.Abp.Http.Client.IdentityModel.Web.HttpContextIdentityModelRemoteServiceHttpClientAuthenticator.Authenticate(RemoteServiceHttpClientAuthenticateContext context) at Volo.Abp.Http.Client.ClientProxying.ClientProxyBase`1.RequestAsync(ClientProxyRequestContext requestContext) at Volo.Abp.Http.Client.ClientProxying.ClientProxyBase`1.RequestAsync[T](ClientProxyRequestContext requestContext) at Volo.Abp.Http.Client.ClientProxying.ClientProxyBase`1.RequestAsync[T](String methodName, ClientProxyRequestTypeValue arguments) at MyService.TransactionReports.TransactionReportClientProxy.GenerateReportFileAsync() in ...\MyService.HttpApi.Client\ClientProxies\TransactionReportClientProxy.Generated.cs:line 150 at BackgroundWorker.MyService.ScanErrorFileWorker.SendReportFile() in ...\apps\background-workers\src\BackgroundWorker\MyService\ScanErrorFileWorker.cs:line 86 at BackgroundWorker.MyService.ScanErrorFileWorker.Execute(IJobExecutionContext context) in ...\apps\background-workers\src\BackgroundWorker\MyService\ScanErrorFileWorker.cs

Steps to reproduce the issue: I'm using Quartz background worker to call an authorized app service method with above error. Here's appsettings.json:

"RemoteServices": {
    "MyService": {
      "BaseUrl": "http://myservice.httpapi.host:7005/",
      "UseCurrentAccessToken": "false"
    }
  },
  "IdentityClients": {
    "Default": {
      "GrantType": "client_credentials",
      "ClientId": "BackgroundWorker.DockerHttp",
      "ClientSecret": "1q2w3e*",
      "Authority": "http://authserver:7000",
      "Scope": "MyService"
    }
  }

[DependsOn(
    typeof(AbpAutofacModule),
    typeof(AbpBackgroundWorkersQuartzModule),
	typeof(AbpHttpClientIdentityModelWebModule),
	typeof(AbpIdentityHttpApiClientModule),
	...
)]
public class BackgroundWorkerModule : AbpModule
{
    public override Task OnApplicationInitializationAsync(ApplicationInitializationContext context)
    {
        var logger = context.ServiceProvider.GetRequiredService<ILogger<BackgroundWorkerModule>>();
        var configuration = context.ServiceProvider.GetRequiredService<IConfiguration>();
        logger.LogInformation($"MySettingName => {configuration["MySettingName"]}");

        var hostEnvironment = context.ServiceProvider.GetRequiredService<IHostEnvironment>();
        logger.LogInformation($"EnvironmentName => {hostEnvironment.EnvironmentName}");

        return Task.CompletedTask;
    }
}

OpenIdDictDataSeeder.cs

//Background Worker
await CreateApplicationAsync(
	name: "BackgroundWorker.DockerHttp",
	type: OpenIddictConstants.ClientTypes.Confidential,
	consentType: OpenIddictConstants.ConsentTypes.Implicit,
	displayName: "Background Worker",
	secret: "1q2w3e*",
	grantTypes: new List<string>
	{
		OpenIddictConstants.GrantTypes.ClientCredentials
	},
	
	scopes: commonScopes.Union(new[] { "MyService" }).ToList(),
	permissions: new List<string> { MyServicePermissions.TransactionReports.Default, MyServicePermissions.TransactionReports.GenerateFile }
);

How can I fix it? Thank you.

The escape character is added automatically when I copy and paste and then format it with code block. I saw the docker compose file of application template, it's the same as the one I created for microservice template. The problem is I can't trust the self-sign certificate which generated for each service domain name. Could you pls try to create a test app based on microservice template and configure docker compose for it to reproduce my issue?

Hi,

No more information?

Any update, pls?

I used host file to map like this: 127.0.0.1 mydomain.webgateway As you can see in my docker compose file:

volumes:
- ~/.aspnet/https:/https:ro

Is that correct way to map certificate file? I can see all mapped pfx files in https folder of the container.

I already generated pfx file with this command: New-SelfSignedCertificate -CertStoreLocation Cert:\LocalMachine\My -DnsName "mydomain.webgateway" -FriendlyName "mydomain.webgateway" -NotAfter (Get-Date).AddYears(10) (because the URL is not localhost, they are container names instead), added to Trusted Root Certification Authorities on Local Machine and mounted successfully, but the error still occurs.

For linux, pfx is problematic as far as i know. You can use OpenSSL to generate self-signed certificate.

Do you mean linux for host or container? I use Windows host but linux container. Do I have to use OpenSSL to generate certificate? If yes, how to use that certificate in docker-compose file?