Starts in:
1 DAY
21 HRS
13 MIN
15 SEC
Starts in:
1 D
21 H
13 M
15 S

Activities of "saintpoida"

  • ABP Framework version: v2.9.0
  • UI type: Angular
  • Tiered (MVC) or Identity Server Seperated (Angular): yes
  • Exception message and stack trace:
  • Steps to reproduce the issue:

Hi guys I am not sure if I am doing anything wrong here but trying to set email settings has been a little annoying. Since the settings provider for email settings is already setup by your modules how can I get it to display in the front end UI? The email management module seems to be an old version (2.6?) in commercial nuget repository and if I try add it the project wont run.

I can set the settings in appsettings however the password is expected to be encrypted by default and obviously its not encrypted if im adding it to the appsettings file. I have overridden the email settings as per documentation using the following and can get it to work but it would be nicer if I could just use UI if it exists already?

public class EmailOverrideSettingsProvider : SettingDefinitionProvider
    {
        public override void Define(ISettingDefinitionContext context)
        {
            var password = context.GetOrNull(EmailSettingNames.Smtp.Password);
            if (password != null)
            {
                password.IsEncrypted = false;
            }
        }
    }
Question
  • ABP Framework version: v2.9.0
  • UI type: Angular
  • Tiered (MVC) or Identity Server Seperated (Angular): Tiered and seperated
  • Exception message and stack trace:
  • Steps to reproduce the issue:

I can see the docs about replacing the logo component which i have not tried yet but it only looks like it would allow me to set a single logo. To be useable with your base set of theme styles how can we specify the normal and reversed logo? I can see what looks to be css properties/variables called --logo and --logo-reverse but how would i go about replacing them in my project?

Alternatively using the logo component replacement how can I hook into some property to know if i should show reversed or normal logo?

  • ABP Framework version: v2.7.0
  • UI type: Angular
  • Tiered (MVC) or Identity Server Seperated (Angular): yes
  • Exception message and stack trace: None
  • Steps to reproduce the issue:

Hi guys,

So firstly background, i have created a custom class library to represent another module im working on, it is MyModule.HttpApi for example, its added as a project reference to the main HttpApi project and it loads fine. It has custom middleware in it to serve files from a certain path (basically hiding the physical path to the file) so I can call https://localhost:44311/StaticFiles/image0.jpeg and it serves an image from where ever i want. This works fine too.

However now i am trying to protect it with authorization and im having real troubles. Obviously if you go straight to an image or file path there is no bearer token set on that request but cookies are sent. I can see when i look at dev console that cookies are in the request but i cant tell if they are the right cookies or not. So then i have read lots of docs and tried various things for it to recognise cookies but i cant tell if im doing it correctly.

Can you guys give me any info i should follow if i want cookies to work as well as bearer token?

I have tried lots of things with no luck and currently am sitting with the code below which also doesnt work. My custom policy only has context.Succeed in it so it should pass if it gets there but its blocked by the policy.RequireAuthenticatedUser(); I can tell its blocked cause if i remove that line then my handler gets picked up but debugging the context in that handler shows no claims either

.AddAuthentication(options =>
                {
                    options.DefaultScheme = "IdentityAndCookie";// IdentityServerAuthenticationDefaults.AuthenticationScheme;
                    //options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                    //options.DefaultChallengeScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                })
                .AddPolicyScheme("IdentityAndCookie", "Identity server and cookie", options =>
                {
                    options.ForwardDefaultSelector = context =>
                    {
                        var bearerAuth = context.Request.Headers["Authorization"].FirstOrDefault()?.StartsWith("Bearer ") ?? false;
                        // You could also check for the actual path here if that's your requirement:
                        // eg: if (context.HttpContext.Request.Path.StartsWithSegments("/api", StringComparison.InvariantCulture))
                        if (bearerAuth)
                            return IdentityServerAuthenticationDefaults.AuthenticationScheme;
                        else
                            return CookieAuthenticationDefaults.AuthenticationScheme;
                    };
                })
                .AddCookie(CookieAuthenticationDefaults.AuthenticationScheme, options =>
                {
                    //options.LoginPath = "/Account/Unauthorized/";
                    //options.AccessDeniedPath = "/Account/Forbidden/";
                    options.Cookie.Name = ".AspNetCore.Identity.Application";
                })
                .AddIdentityServerAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme, options =>
                {
                    options.Authority = configuration["AuthServer:Authority"];
                    options.RequireHttpsMetadata = true;
                    options.ApiName = "Hub";
                })
                ;


            context.Services.AddSingleton<IAuthorizationHandler, StaticFilesReadHandler>();

            context.Services.AddAuthorization(options =>
            {
                options.DefaultPolicy = new AuthorizationPolicyBuilder(CookieAuthenticationDefaults.AuthenticationScheme, IdentityServerAuthenticationDefaults.AuthenticationScheme)
                    .RequireAuthenticatedUser()
                    //.AddRequirements(new StaticFilesReadRequirement())
                    .Build();
                options.AddPolicy("StaticFiles.Read", policy =>
                {
                    policy.AuthenticationSchemes.Add(CookieAuthenticationDefaults.AuthenticationScheme);
                    //policy.AuthenticationSchemes.Add(IdentityServerAuthenticationDefaults.AuthenticationScheme);
                    policy.RequireAuthenticatedUser();
                    policy.Requirements.Add(new StaticFilesReadRequirement());
                });


            });

Hi guys,

Two questions:

  1. If a user from an external authentication has a 'role' claim set (or a mapping to a claim for role) how does that work internally in ABP? e.g. Is it just ignored if it doesnt have a matching local role name?
  2. If i wanted to map role names from claims to local roles what service or models would i need to extend or override?

Regards, Pete

Hi guys,

So I have got pretty much a base template running with a seperate Identity server endpoint with the angular/core project, not 100% of the advantage if its running from same db but i did it anyway to test it.

Now I am trying to add an external authentication to the identity server so the user can either create a local account or use their AAD account. I have managed to get the login with Active directory button to appear in the identity server endpoint and it looks like it works except when redirected back to my endpoint the user is actually not logged in. Instead it just shows the login screen again. The logs all say successful etc so im not sure if im missing something. I followed doc at https://docs.abp.io/en/abp/latest/How-To/Azure-Active-Directory-Authentication-MVC to get the majority of the settings in but its a little different cause im using the seperate endpoint.

So the following is what I have done

In ProjectNameIdentityServerModule i have

public override void PreConfigureServices(ServiceConfigurationContext context) { var configuration = context.Services.GetConfiguration(); PreConfigure<AbpIdentityServerBuilderOptions(builder => { builder.UpdateJwtSecurityTokenHanderDefaultInboundClaimTypeMap = true; //no idea if this is needed but its closest thing i could find to the Jwt mapping instructions in the MVC link });

 PreConfigure<IIdentityServerBuilder>(builder => {
        builder.Services.AddAuthentication()
            .AddAzureAD(options => configuration.Bind("AzureAd", options));
        
        builder.Services.Configure<OpenIdConnectOptions>(AzureADDefaults.OpenIdScheme, options => {
            //this section is exactly as the mvc how to link is done so i have ommitted it
        });
    });
}

Then in that same project appSettings.json i have everything per the MVC also but two settings that may affect it i have included below "AzureAd": { "CallbackPath": "/signin-azuread-oidc", "Domain": "my AAD domain" //should this be empty? }

Since everything compiles and it launches the microsoft login as expected and then returns as expected i think all the above is correct configuration i will include the relevant lines from the log in a reply shortly.

Showing 1 to 5 of 5 entries
Made with ❤️ on ABP v9.1.0-preview. Updated on November 20, 2024, 13:06