Activities of "maliming"

hi

https://abp.io/docs/latest/modules/openiddict#setting-tokens-lifetime

hi

I already know your case.

But your TestMesApp.HttpApi.Host is an API project. API generally won't use OpenIdConnect for authentication.

You can create a new app(layered, tiered, public website) project.

1. The AuthServer is the authentication/authorization center.
2. The HttpApi.Host is the API website that using JWT to authentication/authorization
3. The WEB and WEB public websites are mvc app that using OpenIdConnect to SSO

You can see: once I have signed in to the web, the web public will be signed automatically. The video: https://we.tl/t-IToZ847OBB

If you have sub-domain for this website. You can configure to share cookies in the same domain https://abp.io/community/articles/how-to-share-the-cookies-between-subdomains-jfrzggc2

If you will use different domains for these websites. The web public website need to click the login and will redirec to authserver then signed automatically. because the authserver has the signed state.

hi

1. You can try using ABP V8 and dotnet 8 now, then upgrade to abp 9 in some days. I think the Pomelo.EntityFrameworkCore.MySql still needs one or two weeks.
2. The resource from “https://localhost:44394/swagger/ui/index.js” was blocked due to MIME type (“”) mismatch (X-Content-Type-Options: nosniff). Swagger has a change that breaks the abp function. You can check https://github.com/abpframework/abp/issues/21538#issuecomment-2522449980
3. Your question ticket has been refunded.

Thanks.

hi

There are two AuthServer projects. For SSO, you can only have one AuthServer,.

One AuthServer(OpenIddict) as an authentication/authorization server.

Two or more websites use this server to OpenIdConnect login.

If website A is signed in with AuthServer, websites B and C will automatically be signed.

account.abp.io is authser of abpio platform. www.abp.io docs.abp.io commercial.abp.io will be using OpenIdConnect to sign with account.abp.io

We will share the OpenIdConnect cookies, so if you have signed in at www.abp.io, you will have a signed state on other websites.

If I misunderstand your project. You can share full steps to reproduce the problem with your project..

Thanks.

ok, I will check your code.

hi

Do you want to check the source code of /connect/verify endpoint?

I can share the source code with you. Please send a email to liming.ma@volosoft.com

hi

Thanks. I will ask our colleague.

hi

It would be best if you could provide the code and steps to resolve this problem.

The SQL query is generated by code. I have to check the source code.

liming.ma@volosoft.com

Thanks.

hi

openid client credentials are not created in the tenant

The openiddict application/client should always store on Host database.

showing invalid certificate but it is showing as valid certificate for web.xyx.com

Your HTTPS certification should contain the *.web.xyx.com.

acme.sh --issue --dns dns_cf -d getabp.net -d '*.getabp.net' -d '*.api.getabp.net' -d '*.ids.getabp.net' -d '*.ng.getabp.net' -d '*.web.getabp.net'

hi

What is your Studio version?

Have you upgraded to the latest?