Open Closed

Use HangFire with AbpHangfireAuthorizationFilter throw HTTP ERROR 401 #4683


User avatar
0
augustin.couval@manuloc.eu created

Hello, Our project structure is mentioned in this ticket : https://support.abp.io/QA/Questions/4663#answer-3a09d256-58d0-4c55-dc67-7e989f693fb3

We tried to add Hangfire in Admin part of the project (ConfigurateurClient.Admin.HttpApi.Host\AdminHttpApiHostModule.cs).

we called app.UseHangFireDashboard on the last line of OnApplicationInitialization method.

The Admin.HangFire pemrission is well defined in the application.contract layer

But when we want acces to https://localhost:44340/hangfire, we have this message.

And in the swagger logs :

Avez-vous des informations sur ce que nous aurions pu manquer pour générer ce type d'erreur ?

ABP Framework version: v7.0.0

UI type: Angular and Blazor (not relevant here)

DB provider: EF Core

Tiered (MVC) or Identity Server Separated (Angular): no


17 Answer(s)
  • User Avatar
    0
    berkansasmaz created
    Support Team .NET Developer

    Any chance to send the content of your OnApplicationInitialization method? Maybe you have a missing or misordered request-response pipeline.

  • User Avatar
    0
    augustin.couval@manuloc.eu created
    
        public override void OnApplicationInitialization(ApplicationInitializationContext context)
        {
            var app = context.GetApplicationBuilder();
            var env = context.GetEnvironment();
    
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }
    
            app.UseAbpRequestLocalization();
            app.UseStaticFiles();
            app.UseAbpSecurityHeaders();
            app.UseRouting();
            app.UseCors();
            app.UseAuthentication();
    
            if (MultiTenancyConsts.IsEnabled)
            {
                app.UseMultiTenancy();
            }
    
            app.UseAuthorization();
            app.UseSwagger();
            app.UseAbpSwaggerUI(options =>
            {
                options.SwaggerEndpoint("/swagger/v1/swagger.json", "Admin API");
    
                var configuration = context.GetConfiguration();
                options.OAuthClientId(configuration["AuthServer:SwaggerClientId"]);
            });
            
    
            app.UseAuditing();
            app.UseAbpSerilogEnrichers();
            app.UseUnitOfWork();
            app.UseConfiguredEndpoints();
            app.UseHangfireDashboard("/hangfire", new DashboardOptions
            {
                AsyncAuthorization = new[] { new AbpHangfireAuthorizationFilter(enableTenant: true, requiredPermissionName: "Admin.HangFire") }
            });
        }```
    
  • User Avatar
    0
    berkansasmaz created
    Support Team .NET Developer

    First of all, UseHangfireDashboard must be before UseConfiguredEndpoints. However, this is not the problem, I tried to reproduce the problem with the information you provided, but I was unsuccessful, here is my code:

    ConfigureServices:

        ...
        ...
        ...
        ...
        ConfigureHangfire(context, configuration);
    

    ConfigureHangfire:

        private void ConfigureHangfire(ServiceConfigurationContext context, IConfiguration configuration)
        {
            context.Services.AddHangfire(config => { config.UseInMemoryStorage(); });
        }
    

    OnApplicationInitialization:

        public override void OnApplicationInitialization(ApplicationInitializationContext context)
        {
            var app = context.GetApplicationBuilder();
            var env = context.GetEnvironment();
    
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }
    
            app.UseAbpRequestLocalization();
            app.UseStaticFiles();
            app.UseAbpSecurityHeaders();
            app.UseRouting();
            app.UseCors();
            app.UseAuthentication();
    
            if (MultiTenancyConsts.IsEnabled)
            {
                app.UseMultiTenancy();
            }
    
            app.UseAuthorization();
            app.UseSwagger();
            app.UseAbpSwaggerUI(options =>
            {
                options.SwaggerEndpoint("/swagger/v1/swagger.json", "Admin API");
    
                var configuration = context.GetConfiguration();
                options.OAuthClientId(configuration["AuthServer:SwaggerClientId"]);
            });
    
    
            app.UseAuditing();
            app.UseAbpSerilogEnrichers();
            app.UseUnitOfWork();
            app.UseHangfireDashboard("/hangfire", new DashboardOptions
            {
                AsyncAuthorization = new[]
                    {new AbpHangfireAuthorizationFilter(enableTenant: true, requiredPermissionName: "Admin.HangFire")}
            });
            app.UseConfiguredEndpoints();
        }
    

    When we look at the status code, it returns 401. So, it doesn't see you as authorized, but I think you are logged in. It felt like CurrentUser.IsAuthenticated was returning false somehow. Can you confirm this information by debugging AbpHangfireAuthorizationFilter

  • User Avatar
    0
    augustin.couval@manuloc.eu created

    When I debug AbpHangfireAuthorizationFilter :

    I don't see CurrentUser.IsAuthenticated value in locales variables

  • User Avatar
    0
    berkansasmaz created
    Support Team .NET Developer

    Yes, because the CurrentUser service is resolved from RequestServices in IsLoggedIn method.

    See: https://github.com/abpframework/abp/blob/ba6ded35524cd4f743f263f33ac37cbc8f238fcd/framework/src/Volo.Abp.HangFire/Volo/Abp/Hangfire/AbpHangfireAuthorizationFilter.cs#L38-L45

  • User Avatar
    0
    pierremih created

    Hi, In-depth debugging of the AbpHangfireAuthorizationFilter seems impossible becaue the .pdb symbols file cannot be found Can you give me indications on how debug AbpHangfireAuthorizationFilter to confirm that CurrentUser.IsAuthenticated is returning false?

  • User Avatar
    0
    pierremih created

    I could debug the AbpHangfireAuthorizationFilter class. It is indeed detecting us as not authenticated.

  • User Avatar
    0
    berkansasmaz created
    Support Team .NET Developer

    I understand, but you're logged in, right? You can see your account information, or if you are logged in as an admin user, you can visit the page where you can see the list of all users and so on, right? If so, I might need to take a closer look at your project. It's hard to say anything directly.

  • User Avatar
    0
    pierremih created

    I logged in using the swagger's built-in function here

    And when checking the Authentication server's page, it does show me as logged in.

    We can grant you access to the Github repository. Can you confirm this is you ? https://github.com/berkansasmaz Hangfire is being implemented on branch 346-use-hangfire

  • User Avatar
    0
    berkansasmaz created
    Support Team .NET Developer

    I am very happy with the information you have given because I understand the problem. But we need to verify, so can you visit the /account/login page and try again after login?

  • User Avatar
    0
    pierremih created

    Even after login that way, the issue is still the same.

  • User Avatar
    0
    berkansasmaz created
    Support Team .NET Developer

    Got it, you can grant access to this GitHub account.

  • User Avatar
    0
    pierremih created

    I granted you access. The repo is https://github.com/Manuloc/ConfigurationClient/ on the branch https://github.com/Manuloc/ConfigurationClient/tree/346-use-hangfire

  • User Avatar
    0
    berkansasmaz created
    Support Team .NET Developer

    The problem is that you have installed Hangfire in ConfigurateurClient.Admin.HttpApi.Host. If you want to use Hangfire in this project, you should edit ConfigureAuthentication similar to ConfigurateurClient.Admin.Blazor, but I don't recommend it. You don't need to open ConfigurateurClient.Admin.HttpApi.Host outside, it can stay internal. Users with ConfigurateurClient.Admin.Blazor admin privileges can access as the UI allows, but they don't need to access ConfigurateurClient.Admin.HttpApi.Host so you don't need to open its URL outside.

    As a result, if you want to solve the problem with the least effort and with a more accurate method, you can solve the problem by moving similar codes to ConfigurateurClient.Admin.Blazor. I tried it works, you can see the screenshot below.

  • User Avatar
    0
    pierremih created

    Thank you for the great news, We will try this solution and come back towards you to confirm the result. Have a nice day

  • User Avatar
    0
    pierremih created

    I moved hangfire to the blazor project and it's working perfectly. Thank you You can mark the issue as resolved

  • User Avatar
    0
    berkansasmaz created
    Support Team .NET Developer

    Closing the issue. Feel free to re-open or create a new issue if you have further questions 😄

Made with ❤️ on ABP v9.1.0-preview. Updated on December 05, 2024, 12:19