Activities of "rexhxiao"

host admin / 1q2w3E*

imm admin / 1q2w3E*

https://imm.koimpact.tw/

AuthServer logs.txt https://drive.google.com/file/d/1yDKkGTFL9TuIfHwxEnNd__OmM1Abv2wH/view?usp=sharing

Hello, first of all, when attempting to log in to the website, it successfully reaches the authserver but shows a tenant switching option.

However, in the Angular app, I can see that it retrieves the IMM tenant based on the base application URL.

Then, in the authserver, whether I try to log in with the host account credentials or the IMM (tenant) account credentials, the login fails. The Angular app keeps redirecting back and forth to the authserver in a loop.

docker-compose.yml

sroi-auth: image: sroi-authserver:0.0.10 environment: - App__CorsOrigins=https://*.koimpact.tw,https://sroi-admin.awesome-tech.link - App__SelfUrl=https://auth-imm.koimpact.tw - App__RedirectAllowedUrls=https://imm.koimpact.tw,https://sroi-admin.awesome-tech.link - App__domainsFormat=https://{0}.koimpact.tw - AuthServer__Authority=https://auth-imm.koimpact.tw

AuthServer

`public override void PreConfigureServices(ServiceConfigurationContext context) { var hostingEnvironment = context.Services.GetHostingEnvironment(); var configuration = context.Services.GetConfiguration();

    PreConfigure<OpenIddictBuilder>(builder =>
    {
        builder.AddValidation(options =>
        {
            options.AddAudiences("Sroi");
            options.UseLocalServer();
            options.UseAspNetCore();
        });
    });

    if (!hostingEnvironment.IsDevelopment())
    {
        PreConfigure<AbpOpenIddictAspNetCoreOptions>(options =>
        {
            options.AddDevelopmentEncryptionAndSigningCertificate = false;
        });

        PreConfigure<OpenIddictServerBuilder>(serverBuilder =>
        {
            serverBuilder.AddProductionEncryptionAndSigningCertificate("openiddict.pfx", configuration["AuthServer:CertificatePassPhrase"]!);
            serverBuilder.SetIssuer(new Uri(configuration["AuthServer:Authority"]!));
        });

        PreConfigure<AbpOpenIddictWildcardDomainOptions>(options =>
        {
            options.EnableWildcardDomainSupport = true;
            
            var domainsFormat = configuration.GetValue<string>("App:DomainsFormat");

            if (!string.IsNullOrWhiteSpace(domainsFormat))
            {
                foreach (var domainFormat in domainsFormat.Split(',', StringSplitOptions.RemoveEmptyEntries | StringSplitOptions.TrimEntries))
                {
                    options.WildcardDomainsFormat.Add(domainFormat);
                }
            }
        });
    }
}`

Can you help me check where my system has misconfigured settings that allow public access?

https://imm.koimpact.tw/

Dear ABP Team,

Thank you for the detailed explanation regarding the ABP secret keys (ApiKey and AbpLicenseCode). I appreciate the clear instructions on how to handle these keys, especially in cases where they might be exposed.

Your support is invaluable, and I’ll be sure to follow the outlined steps if needed. Thanks again for your assistance!

Regarding the same issue, is it possible to reset the license code?

Thank you for the explanation. I also have a related follow-up question:

1. Should the appsettings.secrets.json file be included when deploying the application to client environments?
2. If we reset the API key, how would that affect this file? Would it need manual updates, or is it handled automatically?

Yes, in earlier versions, the downloaded project included other source code I needed. However, in the latest version of the Angular project I downloaded, those source files are missing.