Activities of "raymondbu95"

Alright, i will give it a try.

Hi,

Just to be clear, i want to generate return url, like this https://localhost:44322/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%3Fclient_id%3DWeb%26redirect_uri%3Dhttps%253A%252F%252Flocalhost%253A44321%252Fsignin-oidc%26response_type%3Dcode%2520id_token%26scope%3Dopenid%2520profile%2520roles%2520email%2520phone%2520AccountService%2520IdentityService%2520AdministrationService%2520SaasService%2520ProductService%26response_mode%3Dform_post%26nonce%3D638604142118781220.ZWJiNTVkNTYtOWMwOS00NTEwLTlhMGYtZTEwNTBlNjNhNWI5Yjg0NGJmMGQtNWYyZS00OTdkLTkyMjYtYmQ4YTFiOTJjNWRi%26state%3DCfDJ8BqWOdMEnGxGvE1s7ED6M6Rl_JtIkhpKcCROlH3wl7WBJgdRbOYI5cEAPaPIqSBjHr-fkCo_XUzgG50OOzcsbrcrQgb7BHjp2e04Tcc_Bivruvg5Xqg5hCYSzWJigrWOu9f1B3H6gDeDyuktA1sizFMJDgF7BUDT_ph0vau72WuaSGHk5kxaHC72fS4_1k-pQKkpTK8SHQOjjycSBWwf0O_V8DhDq1DHTOkLw2SSJLsOdsI4B1PqeG9DDgvBrFnX8bbvGeNRcOeW6KiF1eItOh9HjLw9VUgtiPoCLKpPNgC9%26x-client-SKU%3DID_NET8_0%26x-client-ver%3D7.0.3.0

but instead login, i want it to generate for /Account/Register.

Can point me to a direction of how to generate returnurl like this?

Nobody can answer?

Hi,

what i meant is generate the returnurl, not hard coded in ya.

or maybe can you show me how does the login return-url was generated? i can use that as an example

hi,

umm actually i want redirect to authserver's register page, but also with all the return-url param like we clicked on login from public websites. i didnt want to customize the flow, just want to direct to register page when button was clicked.

if so, this will have the return url and client params?

Hi there, regarding this issue, i pushed to server, it throws unauthorized_client, but in my record i had these

["ept:logout","gt:authorization_code","rst:code","ept:authorization","ept:token","ept:revocation","ept:introspection","gt:refresh_token","gt:password","gt:LinkLogin","gt:Impersonation","scp:address","scp:email","scp:phone","scp:profile","scp:roles","scp:gt:auto_token","scp:AccountService","scp:IdentityService","scp:AdministrationService","scp:SaasService","scp:ProductService"]

at Angular client

i cleared redis, but still having this issue.

{
  "error": "unauthorized_client",
  "error_description": "This client application is not allowed to use the specified grant type.",
  "error_uri": "https://documentation.openiddict.com/errors/ID2064"
}

and i also have this setting up in my Module.cs

public class CustomTokenExtension : AbpOpenIdDictControllerBase, ITokenExtensionGrant 
{
public const string ExtensionGrantName = "auto_token";

public string Name => ExtensionGrantName;
public async Task<IActionResult> HandleAsync(ExtensionGrantContext context)
{
    var signInManager = context.HttpContext.RequestServices.GetRequiredService<AbpSignInManager>();
    // var principal = (await HttpContext.AuthenticateAsync(OpenIddictServerAspNetCoreDefaults.AuthenticationScheme)).Principal;
    // principal = await AbpClaimsPrincipalFactory.CreateDynamicAsync(principal);
    var uid = context.Request.GetParameter("u").ToString();

    if (string.IsNullOrEmpty(uid))
    {
        return new ForbidResult(
            new[] { OpenIddictServerAspNetCoreDefaults.AuthenticationScheme },
            properties: new AuthenticationProperties(new Dictionary<string, string>
            {
                [OpenIddictServerAspNetCoreConstants.Properties.Error] = OpenIddictConstants.Errors.InvalidRequest
            }!));
    }

    if (!Guid.TryParse(uid, out var userId))
    {
        return new ForbidResult(
                            new[] { OpenIddictServerAspNetCoreDefaults.AuthenticationScheme },
                            properties: new AuthenticationProperties(new Dictionary<string, string>
                            {
                                [OpenIddictServerAspNetCoreConstants.Properties.Error] = OpenIddictConstants.Errors.InvalidRequest
                            }!));
    }

    // var userId = principal.FindUserId();
    var userManager = context.HttpContext.RequestServices.GetRequiredService<IdentityUserManager>();
    var user = await userManager.GetByIdAsync(userId);
    var userClaimsPrincipalFactory = context.HttpContext.RequestServices.GetRequiredService<IUserClaimsPrincipalFactory<Volo.Abp.Identity.IdentityUser>>();
    var principal = await signInManager.CreateUserPrincipalAsync(user);
    await signInManager.SignInAsync(user, isPersistent: false);

    //For abp version >= 7.3
    await context.HttpContext.RequestServices.GetRequiredService<AbpOpenIddictClaimsPrincipalManager>().HandleAsync(context.Request, principal);

    return new Microsoft.AspNetCore.Mvc.SignInResult(OpenIddictServerAspNetCoreDefaults.AuthenticationScheme, principal);
}

should have all these in access token, lack of aud & scope