Open Closed

Remove the dummyClientSecret config out of the environment.ts #6863


User avatar
0
nguyenngoc.son created

Hi, Currently we're working to remove the dummyClientSecret config out of the environment.ts. Because in our application, we'll call the connect/token API from the method login of AuthService (@abp/ng.core lib) so after removing it, the API returns invalid_grant message because when calling the connect/token API the login method automaticly send the dummyClientSecret value to the request body. We have tried to set the dummyClientSecret value inside the angular component using the setState method of EnvironmentService, however the login method throw the exception tokenEndpoint is null. But when we console log the environment, then the tokenEndpoint still exists with the same value we config inside the environment.ts file

  • ABP Framework version: v7.4.2
  • UI Type: Angular
  • Database System: PostgreSQL
  • Tiered (for MVC) or Auth Server Separated (for Angular): yes

9 Answer(s)
  • User Avatar
    0
    Anjali_Musmade created
    Support Team Support Team Member

    Hello,

    please check out similar issue https://support.abp.io/QA/Questions/91/Angular-Environment-settings-replaced-by-settings-in-server-side-appsettingsjson if it helps you.

    thanks

  • User Avatar
    0
    nguyenngoc.son created

    Hi I'm try with the above guideline, however I got the error below

  • User Avatar
    0
    Anjali_Musmade created
    Support Team Support Team Member

    Hello,

    please check this https://docs.abp.io/en/abp/latest/UI/Angular/Environment#how-to-set-the-environment

    thanks

  • User Avatar
    0
    nguyenngoc.son created

    Hi, After following the guidelines,

    I got this error when login, the login method of ABPOAuthService throw exception for not find the token endpoint

    When I revert the changes, it working as expected

  • User Avatar
    0
    masum.ulu created
    Support Team Angular Expert

    we'll call the connect/token API from the method login of AuthService (@abp/ng.core lib) so after removing it, the API returns invalid_grant message because when calling the connect/token API the login method automaticly send the dummyClientSecret value to the request body.

    Hi can you please show request sample code and network in browser, because I couldn't understand which method includes the dummyClientSecret from environment state ? If u want to get token you can use the password grant

  • User Avatar
    0
    nguyenngoc.son created

    Hi, When the application call method login of ABPOAuthService, we only sent the username and password user to the request payload. As you can see on the second and third images, I believe that the login function is getting client_id, client_secret, and scope from environment.

    After update the dummyClientSecret by setState function of EnvironmentService, the login function throw the exception relative to the tokenEndpoint.

    However when I check that value in the environment then it still exists.

    It working as expected if I

    Network tab

    Request body

    Parameters send to login function

    Login function from @abp/ng.core lib

  • User Avatar
    0
    sumeyye.kurtulus created
    Support Team Angular Expert

    Hi, When the application call method login of ABPOAuthService, we only sent the username and password user to the request payload. As you can see on the second and third images, I believe that the login function is getting client_id, client_secret, and scope from environment.

    After update the dummyClientSecret by setState function of EnvironmentService, the login function throw the exception relative to the tokenEndpoint.

    However when I check that value in the environment then it still exists.

    It working as expected if I

    Network tab

    Request body

    Parameters send to login function

    Login function from @abp/ng.core lib

    Hello, can you also try using loginUsingGrant function to be able to give the grantType and get the token that you may be looking for?

  • User Avatar
    0
    nguyenngoc.son created

    Hi, The same issue with loginUsingGrant method

  • User Avatar
    0
    sumeyye.kurtulus created
    Support Team Angular Expert

    Hello again. The library we are using to manage this process gets the oAuthConfig values from the environment variables and reads the dummyClientSecret value accordingly.

    For this reason, we would suggest you to use the same library called OAuthService . This will allow you to manage the dummyClient value to be sent in the body and get the tokens that you may need (e.g. fetchTokenUsingPasswordFlow function).

    After you have achieved this, you can set the same value back manually.

Made with ❤️ on ABP v9.1.0-preview. Updated on November 11, 2024, 11:11