Hi, this is basically the users who are authenticated from external SSO are not our application users, only the similarity is the email address. After token validation, I have to check if the user exists in our system with the email id, if the user does not exist with that email create a user with a specific role and then set the current user. My question is how can I execute these user checks and creation logic immediately after token validation?
hi
Can you share a simple project? liming.ma@volosoft.com
I will download and check it.
Ok I will create and sample project and share. One more question regarding the user mapping, How can I map user which is authenticated by external sso and our admin api, we have to match the users with email and set currentuser for permission management.
hi
https://learn.microsoft.com/en-us/aspnet/core/security/authorization/limitingidentitybyscheme?view=aspnetcore-7.0#use-multiple-authentication-schemes
I mapped the schemes globally, working fine when I placed [Authorize] attribute in controller. But in ABP we don't have any [Authorize] attribute, it is in ApplicationService. If I remove [Authorize] attribute from controller and keeping [Authorize] attribute in ApplicationService class, it's giving me unauthorized.
[RemoteService(IsEnabled = false)]
[Authorize]
public class AuthorsAppService : ApplicationService, IAuthorsAppService{
ctor...
public virtual async Task<PagedResultDto<AuthorDto>> GetListAsync(GetAuthorsInput input)
{}
}
[RemoteService]
public class AuthorController : AbpController, IAuthorsAppService{
}
hi
You can call this code on controllers or
Authorize with a specific scheme in ASP.NET Corehttps://learn.microsoft.com/en-us/aspnet/core/security/authorization/limitingidentitybyscheme?view=aspnetcore-7.0
Hi, I added [Authorize(AuthenticationSchemes = "Bearer,jwt2")] attribute in the controller it's working fine. How can I apply both schemes by default in all controllers?
Yes, You can add multiple scheme
context.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme) .AddJwtBearer(options => { options.Authority = configuration["AuthServer:Authority"]; options.RequireHttpsMetadata = Convert.ToBoolean(configuration["AuthServer:RequireHttpsMetadata"]); options.Audience = "Test1"; }).AddJwtBearer("your_jwt_schema", options => { options... })
Ok this one I mapped, Where should I add this code ?
var result = await httpContext.AuthenticateAsync("your_jwt_schema");
if (result.Succeeded && result.Principal != null)
{
ctx.User = result.Principal;
}
your_jwt_schema
Hi, can you share a sample code ? Where should I call the AuthenticateAsync ?
In My API layer I have already one jwt authentication scheme is there, can I add multiple scheme? This is my existing
private void ConfigureAuthentication(ServiceConfigurationContext context, IConfiguration configuration)
{
context.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options =>
{
options.Authority = configuration["AuthServer:Authority"];
options.RequireHttpsMetadata = Convert.ToBoolean(configuration["AuthServer:RequireHttpsMetadata"]);
options.Audience = "Test1";
});
}
hi
obtained token from External SSO Application
What kind of SSO application? Is the token a
JWTtoken?
Yes JWT token
Working now. Removed all existing cli and suite folders and reinstalled the suite with apikey. Thanks for your quick support.
hi
Try to uninstall and install the suite again.
abp suite remove abp suite install
No Luck
hi
Can you try to install other global tools?
This seems to be a problem with the global tool. eg:> dotnet tool install -g dotnetsay > dotnetsay
After installing this abp command is working but same access denied in abp suite command.
