Open Closed

I need help to create Identity server(Using Identity server 4 not openIdct) in latest ABP framework 8.2 + #7912


User avatar
0
nayan.ranjane@softtech-engr.com created

I am using abp framework 8.2 Dawnloaded layered template with ABP Studio and found that their is default implementation of openIdct but I want to use Identity server4. Hence followed following steps to convert from OpenIdct to Identity server

  1. https://abp.io/docs/8.2/release-info/migration-guides/identityserver4-step-by-step
  2. https://abp.io/docs/8.2/release-info/migration-guides/openiddict-mvc (This is implementation that provides identity server to OpenIdct for web but It is incomplete as not mensioned all dependecy of identity server for abp 8.2+)
  • ABP Framework version: v8.2
  • UI Type: MVC
  • Database System: EF Core (SQL )
  • Tiered (for MVC) or Auth Server Separated: yes
  • Exception message and full stack trace:
  • Steps to reproduce the issue:
  • Dawnloaded layered template with ABP Studio and found that their is default implementation of openIdct but I want to use Identity server4. Hence followed following steps to convert from OpenIdct to Identity server
  1. https://abp.io/docs/8.2/release-info/migration-guides/identityserver4-step-by-step
  2. https://abp.io/docs/8.2/release-info/migration-guides/openiddict-mvc (This is implementation that provides identity server to OpenIdct for web but It is incomplete as not mensioned all dependecy of identity server for abp 8.2+)

58 Answer(s)
  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    I think it's all. We have not changed Identity server in these versions.

    you can give it a try, if there any problem you get, you can write it here

  • User Avatar
    0
    nayan.ranjane@softtech-engr.com created

    Hii liangshiwei, I have tried to solve this and followed steps but web project is not starting please share me sample abp 8.2 project with identity server 4

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    I have tried to solve this and followed steps but web project is not starting

    could you share the project with me? shiwei.liang@volosoft.com

  • User Avatar
    0
    nayan.ranjane@softtech-engr.com created

    I have mailed you sample project structure

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    okay, i will check it

  • User Avatar
    0
    nayan.ranjane@softtech-engr.com created

    okay, i will check it

    Please give me solution my entire team is waiting for the same

  • User Avatar
    0
    nayan.ranjane@softtech-engr.com created

    I want to create new sample Identity server with abp 8.2 and Identity server 4. You can provide me sample template for the same. I have ABP commercial 8.2.

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    HI,

    I shared the project with you yesterday, did you receive the email

  • User Avatar
    0
    nayan.ranjane@softtech-engr.com created

    Yes I got the solution but I need steps to migrate entire layered structure project from openIdct to Identity server because I have to migrate my real project for the same.

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    you can refer to the project to migrate your real project.

    if you can got any issue you can write it here

  • User Avatar
    0
    nayan.ranjane@softtech-engr.com created

    Some of the Identity server related api's are not there in solution given by you please give me solution for the same. this api is not there https://localhost:44311/api/identity-server/clients which is present in Identity server which model I need to add over there ? sharing callstack. [12:45:10 INF] Executing ObjectResult, writing value of type 'Volo.Abp.Content.RemoteStreamContent'. [12:45:10 INF] Executed action Volo.Abp.Account.AccountController.GetProfilePictureFileAsync (Volo.Abp.Account.Pro.Public.HttpApi) in 22.1978ms [12:45:10 INF] Executed endpoint 'Volo.Abp.Account.AccountController.GetProfilePictureFileAsync (Volo.Abp.Account.Pro.Public.HttpApi)' [12:45:10 INF] Request starting HTTP/2 GET https://localhost:44311/api/identity-server/clients?filter=&sorting=clientId%20desc&skipCount=0&maxResultCount=10 - application/json null [12:45:10 DBG] Get dynamic claims cache for user: dc6b6db5-77e4-6440-e031-39fa1c550ada

  • User Avatar
    0
    nayan.ranjane@softtech-engr.com created

    I think you have missed Volo.Abp.IdentityServer.Application.Contracts 8.3.0 in Contract layer please resolve this issue.

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    https://abp.io/support/questions/7912/I-need-help-to-create-Identity-serverUsing-Identity-server-4-not-openIdct--in-latest-ABP-framework-82#answer-3a153a3b-680b-1e9d-9ff5-6baf6703cd0d

    Sorry, I didn't see any error message here.

    I think you have missed Volo.Abp.IdentityServer.Application.Contracts 8.3.0 in Contract layer please resolve this issue.

    you can add it if missed. this is not a big problem.

  • User Avatar
    0
    nayan.ranjane@softtech-engr.com created

    Share you error stack please give me steps to solve following issue for identity server integration .

    [11:59:49 DBG] Added 0 entity changes to the current audit log [11:59:49 DBG] Added 0 entity changes to the current audit log [11:59:49 ERR] An unhandled exception has occurred while executing the request. System.NullReferenceException: Object reference not set to an instance of an object. at Volo.Abp.Account.Public.Web.Pages.Account.AccountPageModel.get_AccountAppService() at Microsoft.Extensions.Internal.PropertyHelper.CallPropertyGetter[TDeclaringType,TValue](Func`2 getter, Object target) at Microsoft.AspNetCore.Routing.RouteValueDictionary.EnsureCapacitySlow(Int32 capacity) at Microsoft.AspNetCore.Routing.RouteValueDictionary.set_Item(String key, Object value) at Microsoft.AspNetCore.Mvc.Routing.UrlHelperBase.NormalizeRouteValuesForPage(ActionContext context, String page, String handler, RouteValueDictionary values, RouteValueDictionary ambientValues) at Microsoft.AspNetCore.Mvc.UrlHelperExtensions.Page(IUrlHelper urlHelper, String pageName, String pageHandler, Object values, String protocol, String host, String fragment) at Microsoft.AspNetCore.Mvc.Infrastructure.RedirectToPageResultExecutor.ExecuteAsync(ActionContext context, RedirectToPageResult result) at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.ResultNext[TFilter,TFilterAsync](State& next, Scope& scope, Object& state, Boolean& isCompleted) at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.InvokeNextResultFilterAsyncTFilter,TFilterAsync --- End of stack trace from previous location --- at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Rethrow(ResultExecutedContextSealed context) at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.ResultNext[TFilter,TFilterAsync](State& next, Scope& scope, Object& state, Boolean& isCompleted) at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.InvokeResultFilters() --- End of stack trace from previous location --- at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.

  • User Avatar
    0
    nayan.ranjane@softtech-engr.com created

    Share you error stack please give me steps to solve following issue for identity server integration .

    [11:59:49 DBG] Added 0 entity changes to the current audit log [11:59:49 DBG] Added 0 entity changes to the current audit log [11:59:49 ERR] An unhandled exception has occurred while executing the request. System.NullReferenceException: Object reference not set to an instance of an object. at Volo.Abp.Account.Public.Web.Pages.Account.AccountPageModel.get_AccountAppService() at Microsoft.Extensions.Internal.PropertyHelper.CallPropertyGetter[TDeclaringType,TValue](Func`2 getter, Object target) at Microsoft.AspNetCore.Routing.RouteValueDictionary.EnsureCapacitySlow(Int32 capacity) at Microsoft.AspNetCore.Routing.RouteValueDictionary.set_Item(String key, Object value) at Microsoft.AspNetCore.Mvc.Routing.UrlHelperBase.NormalizeRouteValuesForPage(ActionContext context, String page, String handler, RouteValueDictionary values, RouteValueDictionary ambientValues) at Microsoft.AspNetCore.Mvc.UrlHelperExtensions.Page(IUrlHelper urlHelper, String pageName, String pageHandler, Object values, String protocol, String host, String fragment) at Microsoft.AspNetCore.Mvc.Infrastructure.RedirectToPageResultExecutor.ExecuteAsync(ActionContext context, RedirectToPageResult result) at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.ResultNext[TFilter,TFilterAsync](State& next, Scope& scope, Object& state, Boolean& isCompleted) at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.InvokeNextResultFilterAsyncTFilter,TFilterAsync --- End of stack trace from previous location --- at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Rethrow(ResultExecutedContextSealed context) at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.ResultNext[TFilter,TFilterAsync](State& next, Scope& scope, Object& state, Boolean& isCompleted) at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.InvokeResultFilters() --- End of stack trace from previous location --- at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.

    please solve this its very urgent

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    It looks not related to Identityserver.

    could you share the project with me? i will check it.

  • User Avatar
    0
    nayan.ranjane@softtech-engr.com created

    Hi,

    It looks not related to Identityserver.

    could you share the project with me? i will check it.

    I have shared project with you and you need to create one client application to reproduct this identity server issue at the time of logout its giving me above error from client application

  • User Avatar
    0
    nayan.ranjane@softtech-engr.com created

    Have you checked it?

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    I can confirm this is a bug,

    Here is the temporary solution

    [ExposeServices(typeof(LogoutModel))]
    public class IdentityServerSupportedLogoutModel : LogoutModel
    {
        protected IIdentityServerInteractionService Interaction { get; }
    
        public IdentityServerSupportedLogoutModel(
            IIdentityServerInteractionService interaction
        )
        {
            Interaction = interaction;
        }
    
        public override async Task<IActionResult> OnGetAsync()
        {
            await SignInManager.SignOutAsync();
    
            var logoutId = Request.Query["logoutId"].ToString();
    
            if (!string.IsNullOrEmpty(logoutId))
            {
                var logoutContext = await Interaction.GetLogoutContextAsync(logoutId);
    
                await SaveSecurityLogAsync(logoutContext?.ClientId);
    
                await SignInManager.SignOutAsync();
    
                // for ui to see an anonymous user
                HttpContext.User = new ClaimsPrincipal(new ClaimsIdentity());
    
                var queryCulture = logoutContext?.Parameters.Get("culture");
                var queryUICulture = logoutContext?.Parameters.Get("ui-culture");
                var vm = new
                {
                    PostLogoutRedirectUri = logoutContext?.PostLogoutRedirectUri,
                    ClientName = logoutContext?.ClientName,
                    SignOutIframeUrl = logoutContext?.SignOutIFrameUrl,
                    Culture = queryCulture,
                    UICulture = queryUICulture
                };
    
    
                Logger.LogInformation($"Redirecting to LoggedOut Page...");
                return RedirectToPage("./LoggedOut", vm);
            }
    
            await SaveSecurityLogAsync();
    
            if (ReturnUrl != null)
            {
                return LocalRedirect(ReturnUrl);
            }
    
            Logger.LogInformation(
                $"IdentityServerSupportedLogoutModel couldn't find postLogoutUri... Redirecting to:/Account/Login..");
            return RedirectToPage("/Account/Login");
        }
    
        protected virtual async Task SaveSecurityLogAsync(string clientId = null)
        {
            if (CurrentUser.IsAuthenticated)
            {
                await IdentitySecurityLogManager.SaveAsync(new IdentitySecurityLogContext()
                {
                    Identity = IdentitySecurityLogIdentityConsts.Identity,
                    Action = IdentitySecurityLogActionConsts.Logout,
                    ClientId = clientId
                });
            }
        }
    }
    
  • User Avatar
    0
    nayan.ranjane@softtech-engr.com created

    Hi,

    I can confirm this is a bug,

    Here is the temporary solution

    [ExposeServices(typeof(LogoutModel))] 
    public class IdentityServerSupportedLogoutModel : LogoutModel 
    { 
        protected IIdentityServerInteractionService Interaction { get; } 
     
        public IdentityServerSupportedLogoutModel( 
            IIdentityServerInteractionService interaction 
        ) 
        { 
            Interaction = interaction; 
        } 
     
        public override async Task<IActionResult> OnGetAsync() 
        { 
            await SignInManager.SignOutAsync(); 
     
            var logoutId = Request.Query["logoutId"].ToString(); 
     
            if (!string.IsNullOrEmpty(logoutId)) 
            { 
                var logoutContext = await Interaction.GetLogoutContextAsync(logoutId); 
     
                await SaveSecurityLogAsync(logoutContext?.ClientId); 
     
                await SignInManager.SignOutAsync(); 
     
                // for ui to see an anonymous user 
                HttpContext.User = new ClaimsPrincipal(new ClaimsIdentity()); 
     
                var queryCulture = logoutContext?.Parameters.Get("culture"); 
                var queryUICulture = logoutContext?.Parameters.Get("ui-culture"); 
                var vm = new 
                { 
                    PostLogoutRedirectUri = logoutContext?.PostLogoutRedirectUri, 
                    ClientName = logoutContext?.ClientName, 
                    SignOutIframeUrl = logoutContext?.SignOutIFrameUrl, 
                    Culture = queryCulture, 
                    UICulture = queryUICulture 
                }; 
     
     
                Logger.LogInformation($"Redirecting to LoggedOut Page..."); 
                return RedirectToPage("./LoggedOut", vm); 
            } 
     
            await SaveSecurityLogAsync(); 
     
            if (ReturnUrl != null) 
            { 
                return LocalRedirect(ReturnUrl); 
            } 
     
            Logger.LogInformation( 
                $"IdentityServerSupportedLogoutModel couldn't find postLogoutUri... Redirecting to:/Account/Login.."); 
            return RedirectToPage("/Account/Login"); 
        } 
     
        protected virtual async Task SaveSecurityLogAsync(string clientId = null) 
        { 
            if (CurrentUser.IsAuthenticated) 
            { 
                await IdentitySecurityLogManager.SaveAsync(new IdentitySecurityLogContext() 
                { 
                    Identity = IdentitySecurityLogIdentityConsts.Identity, 
                    Action = IdentitySecurityLogActionConsts.Logout, 
                    ClientId = clientId 
                }); 
            } 
        } 
    } 
    

    After adding above code, we are able to Logout without any error but logout page is not return to client application. we inspected page and found that href='/' ie postloguri is not setting in cshtml page please check and resolve as soon as possible

  • User Avatar
    0
    nayan.ranjane@softtech-engr.com created

    Please resolve above issue asap

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Did you pass parameters when logging out?

  • User Avatar
    0
    nayan.ranjane@softtech-engr.com created

    Did you pass parameters when logging out?

    Yes I already passed and checked with debugger also

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    You need to configure the RedirectAllowedUrls

    try to add your URL to RedirectAllowedUrls:

  • User Avatar
    0
    nayan.ranjane@softtech-engr.com created

    Now redirection is working after clicking on given redirection button but not directly after 3 seconds. Because It should directly return to postlogredirecturi as per last Identity server.

Made with ❤️ on ABP v9.1.0-preview. Updated on December 12, 2024, 07:15