Host Admin Site: We plan to use http://sroi-admin.awesome-tech.link/ as the host admin site.
Auth Server: Configured as https://imm-auth.koimpact.tw/ API Endpoint: Configured as https://imm-api.koimpact.tw/
First Tenant: The first tenant is set up as https://imm.koimpact.tw/. In the future, we expect to add other tenants, such as https://other-tenant.koimpact.tw/.
Question: Can this setup work as intended?
host admin / 1q2w3E*
imm admin / 1q2w3E*
https://imm.koimpact.tw/
AuthServer logs.txt https://drive.google.com/file/d/1yDKkGTFL9TuIfHwxEnNd__OmM1Abv2wH/view?usp=sharing
Hello, first of all, when attempting to log in to the website, it successfully reaches the authserver but shows a tenant switching option.
However, in the Angular app, I can see that it retrieves the IMM tenant based on the base application URL.
Then, in the authserver, whether I try to log in with the host account credentials or the IMM (tenant) account credentials, the login fails. The Angular app keeps redirecting back and forth to the authserver in a loop.
docker-compose.yml
sroi-auth: image: sroi-authserver:0.0.10 environment: - App__CorsOrigins=https://*.koimpact.tw,https://sroi-admin.awesome-tech.link - App__SelfUrl=https://auth-imm.koimpact.tw - App__RedirectAllowedUrls=https://imm.koimpact.tw,https://sroi-admin.awesome-tech.link - App__domainsFormat=https://{0}.koimpact.tw - AuthServer__Authority=https://auth-imm.koimpact.tw
AuthServer
`public override void PreConfigureServices(ServiceConfigurationContext context) { var hostingEnvironment = context.Services.GetHostingEnvironment(); var configuration = context.Services.GetConfiguration();
PreConfigure<OpenIddictBuilder>(builder =>
{
builder.AddValidation(options =>
{
options.AddAudiences("Sroi");
options.UseLocalServer();
options.UseAspNetCore();
});
});
if (!hostingEnvironment.IsDevelopment())
{
PreConfigure<AbpOpenIddictAspNetCoreOptions>(options =>
{
options.AddDevelopmentEncryptionAndSigningCertificate = false;
});
PreConfigure<OpenIddictServerBuilder>(serverBuilder =>
{
serverBuilder.AddProductionEncryptionAndSigningCertificate("openiddict.pfx", configuration["AuthServer:CertificatePassPhrase"]!);
serverBuilder.SetIssuer(new Uri(configuration["AuthServer:Authority"]!));
});
PreConfigure<AbpOpenIddictWildcardDomainOptions>(options =>
{
options.EnableWildcardDomainSupport = true;
var domainsFormat = configuration.GetValue<string>("App:DomainsFormat");
if (!string.IsNullOrWhiteSpace(domainsFormat))
{
foreach (var domainFormat in domainsFormat.Split(',', StringSplitOptions.RemoveEmptyEntries | StringSplitOptions.TrimEntries))
{
options.WildcardDomainsFormat.Add(domainFormat);
}
}
});
}
}`
Can you help me check where my system has misconfigured settings that allow public access?
https://imm.koimpact.tw/
Dear ABP Team,
Thank you for the detailed explanation regarding the ABP secret keys (ApiKey and AbpLicenseCode). I appreciate the clear instructions on how to handle these keys, especially in cases where they might be exposed.
Your support is invaluable, and I’ll be sure to follow the outlined steps if needed. Thanks again for your assistance!
Regarding the same issue, is it possible to reset the license code?
Thank you for the explanation. I also have a related follow-up question:
