Closed

I need help to create Identity server(Using Identity server 4 not openIdct) in latest ABP framework 8.2 + #7912

nayan.ranjane@softtech-engr.com created one year ago

I am using abp framework 8.2 Dawnloaded layered template with ABP Studio and found that their is default implementation of openIdct but I want to use Identity server4. Hence followed following steps to convert from OpenIdct to Identity server

https://abp.io/docs/8.2/release-info/migration-guides/identityserver4-step-by-step
https://abp.io/docs/8.2/release-info/migration-guides/openiddict-mvc (This is implementation that provides identity server to OpenIdct for web but It is incomplete as not mensioned all dependecy of identity server for abp 8.2+)

ABP Framework version: v8.2
UI Type: MVC
Database System: EF Core (SQL )
Tiered (for MVC) or Auth Server Separated: yes
Exception message and full stack trace:
Steps to reproduce the issue:
Dawnloaded layered template with ABP Studio and found that their is default implementation of openIdct but I want to use Identity server4. Hence followed following steps to convert from OpenIdct to Identity server

https://abp.io/docs/8.2/release-info/migration-guides/identityserver4-step-by-step
https://abp.io/docs/8.2/release-info/migration-guides/openiddict-mvc (This is implementation that provides identity server to OpenIdct for web but It is incomplete as not mensioned all dependecy of identity server for abp 8.2+)

58 Answer(s)

0

liangshiwei created one year ago
Support Team Fullstack Developer

Hi,

I think it's all. We have not changed Identity server in these versions.

you can give it a try, if there any problem you get, you can write it here
0

nayan.ranjane@softtech-engr.com created one year ago

Hii liangshiwei, I have tried to solve this and followed steps but web project is not starting please share me sample abp 8.2 project with identity server 4
0

liangshiwei created one year ago
Support Team Fullstack Developer

I have tried to solve this and followed steps but web project is not starting

could you share the project with me? shiwei.liang@volosoft.com
0

nayan.ranjane@softtech-engr.com created one year ago

I have mailed you sample project structure
0

liangshiwei created one year ago
Support Team Fullstack Developer

okay, i will check it
0

nayan.ranjane@softtech-engr.com created one year ago

okay, i will check it

Please give me solution my entire team is waiting for the same
0

nayan.ranjane@softtech-engr.com created one year ago

I want to create new sample Identity server with abp 8.2 and Identity server 4. You can provide me sample template for the same. I have ABP commercial 8.2.
0

liangshiwei created one year ago
Support Team Fullstack Developer

HI,

I shared the project with you yesterday, did you receive the email
0

nayan.ranjane@softtech-engr.com created one year ago

Yes I got the solution but I need steps to migrate entire layered structure project from openIdct to Identity server because I have to migrate my real project for the same.
0

liangshiwei created one year ago
Support Team Fullstack Developer

you can refer to the project to migrate your real project.

if you can got any issue you can write it here
0

nayan.ranjane@softtech-engr.com created one year ago

Some of the Identity server related api's are not there in solution given by you please give me solution for the same. this api is not there https://localhost:44311/api/identity-server/clients which is present in Identity server which model I need to add over there ? sharing callstack. [12:45:10 INF] Executing ObjectResult, writing value of type 'Volo.Abp.Content.RemoteStreamContent'. [12:45:10 INF] Executed action Volo.Abp.Account.AccountController.GetProfilePictureFileAsync (Volo.Abp.Account.Pro.Public.HttpApi) in 22.1978ms [12:45:10 INF] Executed endpoint 'Volo.Abp.Account.AccountController.GetProfilePictureFileAsync (Volo.Abp.Account.Pro.Public.HttpApi)' [12:45:10 INF] Request starting HTTP/2 GET https://localhost:44311/api/identity-server/clients?filter=&sorting=clientId%20desc&skipCount=0&maxResultCount=10 - application/json null [12:45:10 DBG] Get dynamic claims cache for user: dc6b6db5-77e4-6440-e031-39fa1c550ada
0

nayan.ranjane@softtech-engr.com created one year ago

I think you have missed Volo.Abp.IdentityServer.Application.Contracts 8.3.0 in Contract layer please resolve this issue.
0

liangshiwei created one year ago
Support Team Fullstack Developer

https://abp.io/support/questions/7912/I-need-help-to-create-Identity-serverUsing-Identity-server-4-not-openIdct--in-latest-ABP-framework-82#answer-3a153a3b-680b-1e9d-9ff5-6baf6703cd0d

Sorry, I didn't see any error message here.

I think you have missed Volo.Abp.IdentityServer.Application.Contracts 8.3.0 in Contract layer please resolve this issue.

you can add it if missed. this is not a big problem.
0

nayan.ranjane@softtech-engr.com created one year ago

Share you error stack please give me steps to solve following issue for identity server integration .

[11:59:49 DBG] Added 0 entity changes to the current audit log [11:59:49 DBG] Added 0 entity changes to the current audit log [11:59:49 ERR] An unhandled exception has occurred while executing the request. System.NullReferenceException: Object reference not set to an instance of an object. at Volo.Abp.Account.Public.Web.Pages.Account.AccountPageModel.get_AccountAppService() at Microsoft.Extensions.Internal.PropertyHelper.CallPropertyGetter[TDeclaringType,TValue](Func`2 getter, Object target) at Microsoft.AspNetCore.Routing.RouteValueDictionary.EnsureCapacitySlow(Int32 capacity) at Microsoft.AspNetCore.Routing.RouteValueDictionary.set_Item(String key, Object value) at Microsoft.AspNetCore.Mvc.Routing.UrlHelperBase.NormalizeRouteValuesForPage(ActionContext context, String page, String handler, RouteValueDictionary values, RouteValueDictionary ambientValues) at Microsoft.AspNetCore.Mvc.UrlHelperExtensions.Page(IUrlHelper urlHelper, String pageName, String pageHandler, Object values, String protocol, String host, String fragment) at Microsoft.AspNetCore.Mvc.Infrastructure.RedirectToPageResultExecutor.ExecuteAsync(ActionContext context, RedirectToPageResult result) at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.ResultNext[TFilter,TFilterAsync](State& next, Scope& scope, Object& state, Boolean& isCompleted) at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.InvokeNextResultFilterAsyncTFilter,TFilterAsync --- End of stack trace from previous location --- at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Rethrow(ResultExecutedContextSealed context) at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.ResultNext[TFilter,TFilterAsync](State& next, Scope& scope, Object& state, Boolean& isCompleted) at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.InvokeResultFilters() --- End of stack trace from previous location --- at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.
0

nayan.ranjane@softtech-engr.com created one year ago

Share you error stack please give me steps to solve following issue for identity server integration .

[11:59:49 DBG] Added 0 entity changes to the current audit log [11:59:49 DBG] Added 0 entity changes to the current audit log [11:59:49 ERR] An unhandled exception has occurred while executing the request. System.NullReferenceException: Object reference not set to an instance of an object. at Volo.Abp.Account.Public.Web.Pages.Account.AccountPageModel.get_AccountAppService() at Microsoft.Extensions.Internal.PropertyHelper.CallPropertyGetter[TDeclaringType,TValue](Func`2 getter, Object target) at Microsoft.AspNetCore.Routing.RouteValueDictionary.EnsureCapacitySlow(Int32 capacity) at Microsoft.AspNetCore.Routing.RouteValueDictionary.set_Item(String key, Object value) at Microsoft.AspNetCore.Mvc.Routing.UrlHelperBase.NormalizeRouteValuesForPage(ActionContext context, String page, String handler, RouteValueDictionary values, RouteValueDictionary ambientValues) at Microsoft.AspNetCore.Mvc.UrlHelperExtensions.Page(IUrlHelper urlHelper, String pageName, String pageHandler, Object values, String protocol, String host, String fragment) at Microsoft.AspNetCore.Mvc.Infrastructure.RedirectToPageResultExecutor.ExecuteAsync(ActionContext context, RedirectToPageResult result) at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.ResultNext[TFilter,TFilterAsync](State& next, Scope& scope, Object& state, Boolean& isCompleted) at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.InvokeNextResultFilterAsyncTFilter,TFilterAsync --- End of stack trace from previous location --- at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Rethrow(ResultExecutedContextSealed context) at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.ResultNext[TFilter,TFilterAsync](State& next, Scope& scope, Object& state, Boolean& isCompleted) at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.InvokeResultFilters() --- End of stack trace from previous location --- at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.

please solve this its very urgent
0

liangshiwei created one year ago
Support Team Fullstack Developer

Hi,

It looks not related to Identityserver.

could you share the project with me? i will check it.
0

nayan.ranjane@softtech-engr.com created one year ago

Hi,

It looks not related to Identityserver.

could you share the project with me? i will check it.

I have shared project with you and you need to create one client application to reproduct this identity server issue at the time of logout its giving me above error from client application
0

nayan.ranjane@softtech-engr.com created one year ago

Have you checked it?

liangshiwei created one year ago

Support Team Fullstack Developer

Hi,

I can confirm this is a bug,

Here is the temporary solution

[ExposeServices(typeof(LogoutModel))]
public class IdentityServerSupportedLogoutModel : LogoutModel
{
    protected IIdentityServerInteractionService Interaction { get; }

    public IdentityServerSupportedLogoutModel(
        IIdentityServerInteractionService interaction
    )
    {
        Interaction = interaction;
    }

    public override async Task<IActionResult> OnGetAsync()
    {
        await SignInManager.SignOutAsync();

        var logoutId = Request.Query["logoutId"].ToString();

        if (!string.IsNullOrEmpty(logoutId))
        {
            var logoutContext = await Interaction.GetLogoutContextAsync(logoutId);

            await SaveSecurityLogAsync(logoutContext?.ClientId);

            await SignInManager.SignOutAsync();

            // for ui to see an anonymous user
            HttpContext.User = new ClaimsPrincipal(new ClaimsIdentity());

            var queryCulture = logoutContext?.Parameters.Get("culture");
            var queryUICulture = logoutContext?.Parameters.Get("ui-culture");
            var vm = new
            {
                PostLogoutRedirectUri = logoutContext?.PostLogoutRedirectUri,
                ClientName = logoutContext?.ClientName,
                SignOutIframeUrl = logoutContext?.SignOutIFrameUrl,
                Culture = queryCulture,
                UICulture = queryUICulture
            };


            Logger.LogInformation($"Redirecting to LoggedOut Page...");
            return RedirectToPage("./LoggedOut", vm);
        }

        await SaveSecurityLogAsync();

        if (ReturnUrl != null)
        {
            return LocalRedirect(ReturnUrl);
        }

        Logger.LogInformation(
            $"IdentityServerSupportedLogoutModel couldn't find postLogoutUri... Redirecting to:/Account/Login..");
        return RedirectToPage("/Account/Login");
    }

    protected virtual async Task SaveSecurityLogAsync(string clientId = null)
    {
        if (CurrentUser.IsAuthenticated)
        {
            await IdentitySecurityLogManager.SaveAsync(new IdentitySecurityLogContext()
            {
                Identity = IdentitySecurityLogIdentityConsts.Identity,
                Action = IdentitySecurityLogActionConsts.Logout,
                ClientId = clientId
            });
        }
    }
}

nayan.ranjane@softtech-engr.com created one year ago

Hi,

I can confirm this is a bug,

Here is the temporary solution

[ExposeServices(typeof(LogoutModel))] 
public class IdentityServerSupportedLogoutModel : LogoutModel 
{ 
    protected IIdentityServerInteractionService Interaction { get; } 
 
    public IdentityServerSupportedLogoutModel( 
        IIdentityServerInteractionService interaction 
    ) 
    { 
        Interaction = interaction; 
    } 
 
    public override async Task<IActionResult> OnGetAsync() 
    { 
        await SignInManager.SignOutAsync(); 
 
        var logoutId = Request.Query["logoutId"].ToString(); 
 
        if (!string.IsNullOrEmpty(logoutId)) 
        { 
            var logoutContext = await Interaction.GetLogoutContextAsync(logoutId); 
 
            await SaveSecurityLogAsync(logoutContext?.ClientId); 
 
            await SignInManager.SignOutAsync(); 
 
            // for ui to see an anonymous user 
            HttpContext.User = new ClaimsPrincipal(new ClaimsIdentity()); 
 
            var queryCulture = logoutContext?.Parameters.Get("culture"); 
            var queryUICulture = logoutContext?.Parameters.Get("ui-culture"); 
            var vm = new 
            { 
                PostLogoutRedirectUri = logoutContext?.PostLogoutRedirectUri, 
                ClientName = logoutContext?.ClientName, 
                SignOutIframeUrl = logoutContext?.SignOutIFrameUrl, 
                Culture = queryCulture, 
                UICulture = queryUICulture 
            }; 
 
 
            Logger.LogInformation($"Redirecting to LoggedOut Page..."); 
            return RedirectToPage("./LoggedOut", vm); 
        } 
 
        await SaveSecurityLogAsync(); 
 
        if (ReturnUrl != null) 
        { 
            return LocalRedirect(ReturnUrl); 
        } 
 
        Logger.LogInformation( 
            $"IdentityServerSupportedLogoutModel couldn't find postLogoutUri... Redirecting to:/Account/Login.."); 
        return RedirectToPage("/Account/Login"); 
    } 
 
    protected virtual async Task SaveSecurityLogAsync(string clientId = null) 
    { 
        if (CurrentUser.IsAuthenticated) 
        { 
            await IdentitySecurityLogManager.SaveAsync(new IdentitySecurityLogContext() 
            { 
                Identity = IdentitySecurityLogIdentityConsts.Identity, 
                Action = IdentitySecurityLogActionConsts.Logout, 
                ClientId = clientId 
            }); 
        } 
    } 
}

After adding above code, we are able to Logout without any error but logout page is not return to client application. we inspected page and found that href='/' ie postloguri is not setting in cshtml page please check and resolve as soon as possible

0

nayan.ranjane@softtech-engr.com created one year ago

Please resolve above issue asap
0

liangshiwei created one year ago
Support Team Fullstack Developer

Did you pass parameters when logging out?
0

nayan.ranjane@softtech-engr.com created one year ago

Did you pass parameters when logging out?

Yes I already passed and checked with debugger also
0

liangshiwei created one year ago
Support Team Fullstack Developer

Hi,

You need to configure the RedirectAllowedUrls

try to add your URL to RedirectAllowedUrls:
0

nayan.ranjane@softtech-engr.com created one year ago

Now redirection is working after clicking on given redirection button but not directly after 3 seconds. Because It should directly return to postlogredirecturi as per last Identity server.