Provide us with the following info:
We're currently using the micro services template with the auth-server as an MVC application.
We're a SaaS provider with dozens of client tenants. Each has either their own domain or a subdomain under our brand domain. For example: auth.mydomain1.com auth.mydomain2.com etc.
What we want to do is have one auth-server application that is mapped to multiple domains and/or subdomains. However in the auth-server application configuration (appsettings) there is only one SelfUrl.
In our vue application we're using the oidc-client.ts NPM module to access the auth-server openiddict. In the oidc-client User Manager settings I can set the redirect url to ${window.location.origin}/signin-oidc, so it's correctly routed back to the Vue application after authentication. I can also specify the authority url to include the client domain auth.${window.location.origin}. In the above examples, if I specify auth.mydomain1.com as the authority, it won't find it since there's only 1 SelfUrl in the appsettings of the auth-server.
How do I have multiple "SelfUrls" based on tenant domain/subdomain in the auth server so I can call it from the Vue application (or any other application for that matter)?
I know one way is to have a different auth server application running for each domain instance but that gets expensive since we have over 80 clients today.
Looking forward to your response. Thank you.
We've developed a solution using the microservices template.
We have 2 services with their own database. We need to create a query using the Abp libraries that joins results from queries from each of the databases.
Use case:
The client microservices manages clients. The programs service manages programs that are assigned to clients.
We want to have one query that gets all of the programs of a given type. We want to have a second query that returns all of the clients associated with those programs.
How do we do that using the microservices template? Has anyone done this before and if so is there a sample we can follow?
Check the docs before asking a question: https://docs.abp.io/en/commercial/latest/ Check the samples, to see the basic tasks: https://docs.abp.io/en/commercial/latest/samples/index The exact solution to your question may have been answered before, please use the search on the homepage.
If you're creating a bug/problem report, please include followings:
1 optionsAction) at Microsoft.Extensions.DependencyInjection.ServiceCollectionApplicationExtensions.AddApplicationAsync[TStartupModule](IServiceCollection services, Action1 optionsAction)
at Microsoft.Extensions.DependencyInjection.WebApplicationBuilderExtensions.AddApplicationAsync[TStartupModule](WebApplicationBuilder builder, Action`1 optionsAction)
at AuthServer.Program.Main(String[] args) in /src/Program.cs:line 27This is line 141 from AuthserverModule.cs
var redis = ConnectionMultiplexer.Connect(configuration["Redis:Configuration"]);
This is my auth server deployment.yaml
# Source: authserver/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: authserver
namespace: abp-app
spec:
selector:
matchLabels:
app: authserver
replicas: 1
template:
metadata:
labels:
app: authserver
spec:
containers:
- name: authserver
image: cprtestregistry.azurecr.io/authserver:v1.1
imagePullPolicy: Always
ports:
- name: http
containerPort: 80
- name: https
containerPort: 443
env:
- name: StringEncryption__DefaultPassPhrase
value: ert134134t1qqerg
- name: App__CorsOrigins
value: https://public-gateway.cloverleafcms.dev,https://web-gateway.cloverleafcms.dev
- name: App__DisablePII
value: "true"
- name: App__RedirectAllowedUrls
value: https://admin.cloverleafcms.dev,https://admin.cloverleafcms.dev,
- name: App__SelfUrl
value: https://auth.cloverleafcms.dev
- name: AuthServer__Authority
value: https://auth.cloverleafcms.dev
- name: AuthServer__RequireHttpsMetadata
value: "false"
- name: AuthServer__SwaggerClientId
value: WebGateway_Swagger
- name: ConnectionStrings__AdministrationService
value: Server=***
- name: ConnectionStrings__IdentityService
value: Server=***
- name: ConnectionStrings__SaasService
value: Server=***
- name: DOTNET_ENVIRONMENT
value: Staging
- name: ElasticSearch__Url
value: http://elasticsearch
- name: Redis__Configuration
value: http://redis
This is my redis service.yaml file:
apiVersion: v1
kind: Service
metadata:
labels:
name: redis
name: redis
spec:
type: ClusterIP
ports:
- name: redis
port: 6379
selector:
app: redis
I've verified that the redis service is running via kubectl get services redis ClusterIP 10.2.92.53
I've also tried using value: redis for the Redis__Configuration env and get this in the pod log: It was not possible to connect to the redis server(s). UnableToConnect on redis:6379/Interactive, Initializing/NotStarted, last: NONE, origin: BeginConnectAsync, outstanding: 0, last-read: 0s ago, last-write: 0s ago, keep-alive: 60s, state: Connecting, mgr: 10 of 10 available, last-heartbeat: never, global: 0s ago, v: 2.2.4.27433 at StackExchange.Redis.ConnectionMultiplexer.ConnectImpl(ConfigurationOptions configuration, TextWriter log) in /_/src/StackExchange.Redis/ConnectionMultiplexer.cs:line 1163
We're using App Commercial and the Microservices template.
We want to build a custom UI with Vue JS as the front end and using the API's in the micro-services on the back end. I'm having a hard time figuring out which services and API(s) to use to login a user to get an access token and the permissions for their roles.
It seems the login from a web app is only through a redirect to the MVC Authentication app. Is that accurate?
If not, can someone guide me?
Thank you.