Starts in:
1 DAY
10 HRS
51 MIN
58 SEC
Starts in:
1 D
10 H
51 M
58 S
Open Closed

User not found for tenant using Azure K8s -> Cannot override HandlePasswordAsync due to route conflict #6652


User avatar
0
fordz created
  • ABP Framework version: v7.2.2 Commercial
  • UI Type: N/A
  • Database System: EF Core (SQL Server)
  • Tiered (for MVC) or Auth Server Separated (for Angular): yes

To recap... the initial issue we are trying to solve is: See ticket #6452 for background and details of issue.

"We're using the microservice template and using the auth-server app for authentication. The auth-server application has been slightly modified for custom branding. We have a .net API to get a token using the IdentityModel.Client.

When I call the API using Postman that's pointing to the auth-server running on localhost via Tye I'm able to successfully get a token. When I call the API pointing to the auth-server running in Azure Kubernetes I get an invalid username and password error.

The code is the exact same. The database is the same and the credentials are the exact same."

Based on feedback of things to try as suggested in responses to #6452:

Can you try to remove the HostTenantResolveContributer? You can override the HandlePasswordAsync method of TokenController. Output a log to show the current tenant. var tenant = await TenantConfigurationProvider.GetAsync(saveResolveResult: false); https://github.com/abpframework/abp/blob/dev/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/TokenController.Password.cs#L78***

I'm getting a duplicate route error and am not quite sure how to get around it to override the HandlePasswordAysnc method of TokenController' as suggested to inspect the Tenant.Name. I cannot change the route of 'connect/token' as it is set by OAuth.

  • Exception message and full stack trace:

Here is the returned error.

[12:06:20 ERR] An unhandled exception has occurred while executing the request. Microsoft.AspNetCore.Routing.Matching.AmbiguousMatchException: The request matched multiple endpoints. Matches: CprOnAbp.AuthServer.MyTokenController.HandleAsync (CprOnAbp.AuthServer) Volo.Abp.OpenIddict.Controllers.TokenController.HandleAsync (Volo.Abp.OpenIddict.AspNetCore) at Microsoft.AspNetCore.Routing.Matching.DefaultEndpointSelector.ReportAmbiguity(CandidateState[] candidateState) at Microsoft.AspNetCore.Routing.Matching.DefaultEndpointSelector.ProcessFinalCandidates(HttpContext httpContext, CandidateState[] candidateState) at Microsoft.AspNetCore.Routing.Matching.DfaMatcher.MatchAsync(HttpContext httpContext) at Microsoft.AspNetCore.Routing.EndpointRoutingMiddleware.Invoke(HttpContext httpContext) at Microsoft.AspNetCore.StaticFiles.StaticFileMiddleware.Invoke(HttpContext context) at Volo.Abp.AspNetCore.Security.AbpSecurityHeadersMiddleware.InvokeAsync(HttpContext context, RequestDelegate next) at Microsoft.AspNetCore.Builder.UseMiddlewareExtensions.<>c__DisplayClass6_1.<&lt;UseMiddlewareInterface>b__1>d.MoveNext() --- End of stack trace from previous location --- at Volo.Abp.AspNetCore.Tracing.AbpCorrelationIdMiddleware.InvokeAsync(HttpContext context, RequestDelegate next) at Microsoft.AspNetCore.Builder.UseMiddlewareExtensions.<>c__DisplayClass6_1.<&lt;UseMiddlewareInterface>b__1>d.MoveNext() --- End of stack trace from previous location --- at Microsoft.AspNetCore.Localization.RequestLocalizationMiddleware.Invoke(HttpContext context) at Microsoft.AspNetCore.RequestLocalization.AbpRequestLocalizationMiddleware.InvokeAsync(HttpContext context, RequestDelegate next) at Microsoft.AspNetCore.Builder.UseMiddlewareExtensions.<>c__DisplayClass6_1.<&lt;UseMiddlewareInterface>b__1>d.MoveNext() --- End of stack trace from previous location --- at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddlewareImpl.Invoke(HttpContext context) [12:06:20 INF] Request finished HTTP/1.1 POST https://localhost:44322/connect/token application/x-[[[[www-form-urlencoded 387](http://www-form-urlencoded](http://www-form-urlencoded](http://www-form-urlencoded](http://www-form-urlencoded 387](http://www-form-urlencoded](http://www-form-urlencoded](http://www-form-urlencoded) 387](http://www-form-urlencoded](http://www-form-urlencoded](http://www-form-urlencoded)) 387](http://www-form-urlencoded) 387) - 500 - text/plain;+charset=utf-8 251.5204ms

  • Steps to reproduce the issue:

Created a TokenController inherited from Volo.Abp.OpenIddict.Controllers.TokenController to override HandlePasswordAsync. Here is the code.

MyTokenController in AuthServer

using System; using System.Threading.Tasks; using Microsoft.AspNetCore.Mvc; using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.Options; using OpenIddict.Abstractions; using Volo.Abp.OpenIddict.Controllers; using Volo.Abp.OpenIddict.ExtensionGrantTypes;

namespace CprOnAbp.AuthServer;

[Route("connect/token")] [IgnoreAntiforgeryToken] public class MyTokenController : TokenController {

public MyTokenController()
{
}

[HttpGet, HttpPost, Produces("application/json")]
public override async Task&lt;IActionResult&gt; HandleAsync()
{
    var request = await GetOpenIddictServerRequestAsync(HttpContext);

    if (request.IsPasswordGrantType())
    {
        return await HandlePasswordAsync(request); // Call the overridden HandlePasswordAsync method
    }

    // Add other grant type handling here as needed

    return await base.HandleAsync();
}

// Override the HandlePasswordAsync method
protected override async Task&lt;IActionResult&gt; HandlePasswordAsync(OpenIddictRequest request)
{
    // Your custom implementation goes here
    var tenant = await TenantConfigurationProvider.GetAsync(saveResolveResult: false);
    Console.WriteLine($"Tenant Name: {tenant.Name}");

    // Call the base implementation if needed
    return await base.HandlePasswordAsync(request);
}

}

I've shared our 2 projects that are needed to recreate this issue with Maliming. Auth-Server and oauth-api

Any ideas? Thanks.


1 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    [IgnoreAntiforgeryToken]
    [Dependency(ReplaceServices = true)]
    [ExposeServices(typeof(TokenController))]
    public class MyTokenController : TokenController
    
Made with ❤️ on ABP v9.1.0-preview. Updated on November 20, 2024, 13:06