Starts in:
1 DAY
1 HR
54 MIN
40 SEC
Starts in:
1 D
1 H
54 M
40 S
Open Closed

Nginx reverse proxy deployment - login does not return #465


User avatar
1
jason.smith created
  • ABP Framework version: v3.1.2
  • UI type: Angular
  • Tiered (MVC) or Identity Server Seperated (Angular): no (single host)
  • Exception message and stack trace: None
  • Steps to reproduce the issue:

The setup works find on the developers machine using localhost, and local database. Looking to now deploy using the following:

  • Nginx reverse proxy
    • host angular front end
    • host API redirect
  • AWS ec2 instance with ports 80, 443, and 5000 allowed
  • RDS database setup as postgreSQL 12.4 (version used in development)
  • dotnet kestrel service bound to localhost:5000 (Nginx redirects public_ip:5000 to this)

Angular environment file - replace <public_ip> with actual public address <br>

import { Config } from '@abp/ng.core';
const baseUrl = 'http://<public_ip>:80';
export const environment = {
    production: false,
    application: {
        baseUrl,
        name: 'Repros',
        logoUrl: '',
    },
    oAuthConfig: {
        issuer: 'http://<public_ip>:5000',
        redirectUri: baseUrl,
        clientId: 'Repros_App',
        responseType: 'code',
        scope: 'offline_access Repros',
    },
    apis: {
        default: {
            url: 'http://<public_ip>:5000',
            rootNamespace: 'eWater.Repros'
        },
    },
} as Config.Environment;

<br> Http.Host environment file - again replace <public_ip> with actual public address, same for connection string <br>

{ 
    "Urls": "[http://localhost:5000](http://localhost:5000)", 
    "App": { 
        "SelfUrl": "[http://localhost:5000](http://localhost:5000)", 
        "CorsOrigins": "http://<public_ip>,[http://localhost:80,http://localhost:4200](http://localhost:80,http://localhost:4200)" 
    }, 
    "ConnectionStrings": { 
        "Default": "<connection_string>" 
    }, 
    "AuthServer": { 
        "Authority": "[http://localhost:5000](http://localhost:5000)" 
    }
}

<br> Ngnix configuraiton file <br>

worker_processes 1;

events {
    worker_connections 1024;
}

http {
    include mime.types;
    default_type application/octet-stream;
    sendfile        on;
    keepalive_timeout  0;

    server {
        listen       80;
        index index.html;
        root scenario-datastore-debug/dist;
        ignore_invalid_headers off;
        underscores_in_headers on;
        location / {
            try_files $uri %uri/ /index.html;
        }
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
        root   html;
    }
}

server {
    listen        5000;
    location / {
        proxy_pass         [http://127.0.0.1:5000](http://127.0.0.1:5000);
        proxy_http_version 1.1;
        proxy_set_header   Upgrade $http_upgrade;
        proxy_set_header   Connection keep-alive;
        proxy_set_header   Host $host;
        proxy_cache_bypass $http_upgrade;
        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header   X-Forwarded-Proto $scheme;
    }
}

<br> The resulting behaviour is the following:

  1. The front end starts up and the Angular front end loads into the index page with user logged out. 
  2. Clicking login results in the progress bar across the top, and only one endpoint being hit. Nothing is logged in the Host service log file. 

<br> Lastly I know the http host is working as expected as I can see it being called in the initial home page load.

I don't see any errors or activity in the dev console, host log, or nginx log. The script just seems to stop.

I am uncertain as to where to even start with an error like this. The dev environment works correctly, even having parts of it (i.e. not ng serve) go through nginx.

I found that the requireHttps for oAuth was set to the default of everything but localhost requires. So I turned this off and started getting the following error in the chrome dev console:

invalid issuer in discovery document expected: http://<public_ip>:5000 current: http://<public_ip>

My nginx configuration should be allowing this through, so confused as to what is occurring here.


No answer yet!
Made with ❤️ on ABP v9.1.0-preview. Updated on November 20, 2024, 13:06