Tenant-Id and Tenant-Name Not Set in Header After Dashboard Redirect (SSO OIDC) #8132
https://abp.io/support/questions/8132/Tenant-Id-and-Tenant-Name-Not-Set-in-Header-After-Dashboard-Redirect-SSO-OIDC?CurrentPage=5
74 Answer(s)
-
0
The log does not contain the internal exception.
The logs of this 500 error should exist on the project, which depends on the
AbpAccountPublicApplicationModule(Volo.Abp.Account.Pro.Public.Application)module.[14:10:09 INF] [] Request starting "HTTP/2" "GET" "https"://"localhost:44359""""/api/account/my-profile""" - null null [14:10:09 INF] [] CORS policy execution successful. [14:10:09 INF] [] Handling request: /api/account/my-profile [14:10:09 INF] [] Handling request logProject: product [14:10:09 INF] [] Handling request logProjectGroupName: /ecs/product-dev-gateway [14:10:09 INF] [] Handling request logProject change tenant: product [14:10:09 INF] [Product] Executing endpoint '"Volo.Abp.Account.ProfileController.GetAsync (Volo.Abp.Account.Pro.Public.HttpApi)"' [14:10:09 INF] [Product] Route matched with "{area = \"account\", controller = \"Profile\", action = \"Get\", page = \"\"}". Executing controller action with signature "System.Threading.Tasks.Task`1[Volo.Abp.Account.ProfileDto] GetAsync()" on controller "Volo.Abp.Account.ProfileController" ("Volo.Abp.Account.Pro.Public.HttpApi"). [14:10:09 INF] [Product] Executed action "Volo.Abp.Account.ProfileController.GetAsync (Volo.Abp.Account.Pro.Public.HttpApi)" in 13.5452ms [14:10:09 INF] [Product] Executed endpoint '"Volo.Abp.Account.ProfileController.GetAsync (Volo.Abp.Account.Pro.Public.HttpApi)"' [14:10:09 INF] [] Finished handling request. [14:10:09 INF] [] Request finished "HTTP/2" "GET" "https"://"localhost:44359""""/api/account/my-profile""" - 500 null "application/json" 195.4187ms -
0
The log does not contain the internal exception.
The logs of this 500 error should exist on the project, which depends on the
AbpAccountPublicApplicationModule(Volo.Abp.Account.Pro.Public.Application)module.[14:10:09 INF] [] Request starting "HTTP/2" "GET" "https"://"localhost:44359""""/api/account/my-profile""" - null null [14:10:09 INF] [] CORS policy execution successful. [14:10:09 INF] [] Handling request: /api/account/my-profile [14:10:09 INF] [] Handling request logProject: product [14:10:09 INF] [] Handling request logProjectGroupName: /ecs/product-dev-gateway [14:10:09 INF] [] Handling request logProject change tenant: product [14:10:09 INF] [Product] Executing endpoint '"Volo.Abp.Account.ProfileController.GetAsync (Volo.Abp.Account.Pro.Public.HttpApi)"' [14:10:09 INF] [Product] Route matched with "{area = \"account\", controller = \"Profile\", action = \"Get\", page = \"\"}". Executing controller action with signature "System.Threading.Tasks.Task`1[Volo.Abp.Account.ProfileDto] GetAsync()" on controller "Volo.Abp.Account.ProfileController" ("Volo.Abp.Account.Pro.Public.HttpApi"). [14:10:09 INF] [Product] Executed action "Volo.Abp.Account.ProfileController.GetAsync (Volo.Abp.Account.Pro.Public.HttpApi)" in 13.5452ms [14:10:09 INF] [Product] Executed endpoint '"Volo.Abp.Account.ProfileController.GetAsync (Volo.Abp.Account.Pro.Public.HttpApi)"' [14:10:09 INF] [] Finished handling request. [14:10:09 INF] [] Request finished "HTTP/2" "GET" "https"://"localhost:44359""""/api/account/my-profile""" - 500 null "application/json" 195.4187msHi maliming,
I will check this one more time. Can we try a first approach, as it may work?
I have gone through the POC project, and after authenticating with the third-party IDP, we are redirected to the dashboard. After that, the following two API calls are automatically triggered from the Angular app to authenticate with our IDP:
https://localhost:44333/connect/authorize
https://localhost:44333/connect/authorize
However, when we apply the same process in our existing application, after the redirect to the dashboard, these two APIs are not being called automatically.
I have some question ?
- This API not authenticated with our IDP that's why redirect to logout page right ?
- As per my understanding above two screen shot API is base method API?
- We override your login page done some custom changes that why not authorize first approach ?
For your reference i will share to you POC project as well as OIDC AUTH0 IDP server credentials. can you pls check and guide as per my understanding first approach it will work.
We need force fully call below method and authenticate with our IDP . https://localhost:44333/connect/authorize
please suggest .
-
0
POC project not able to shared you because browser restriction
-
0
hi
POC project not able to shared you because browser restriction
What does that mean?
You can share the project via one drive, google drive or https://wetransfer.com/
Please include the steps to reproduce the problem.
Thanks.
-
0
Hi
shared pls check
-
0
ok
I have downloaded your project. Can you share the steps to reproduce the problem?
Thanks.
-
0
ok
I have downloaded your project. Can you share the steps to reproduce the problem?
Thanks.
This is POC project not mine can you pls run your side able to redirect to dashboard..
hit below url in browser, it will make an API call to the SSO login endpoint.
http://localhost:4200?idp=oidc
-
0
The log does not contain the internal exception.
The logs of this 500 error should exist on the project, which depends on the
AbpAccountPublicApplicationModule(Volo.Abp.Account.Pro.Public.Application)module.[14:10:09 INF] [] Request starting "HTTP/2" "GET" "https"://"localhost:44359""""/api/account/my-profile""" - null null [14:10:09 INF] [] CORS policy execution successful. [14:10:09 INF] [] Handling request: /api/account/my-profile [14:10:09 INF] [] Handling request logProject: product [14:10:09 INF] [] Handling request logProjectGroupName: /ecs/product-dev-gateway [14:10:09 INF] [] Handling request logProject change tenant: product [14:10:09 INF] [Product] Executing endpoint '"Volo.Abp.Account.ProfileController.GetAsync (Volo.Abp.Account.Pro.Public.HttpApi)"' [14:10:09 INF] [Product] Route matched with "{area = \"account\", controller = \"Profile\", action = \"Get\", page = \"\"}". Executing controller action with signature "System.Threading.Tasks.Task`1[Volo.Abp.Account.ProfileDto] GetAsync()" on controller "Volo.Abp.Account.ProfileController" ("Volo.Abp.Account.Pro.Public.HttpApi"). [14:10:09 INF] [Product] Executed action "Volo.Abp.Account.ProfileController.GetAsync (Volo.Abp.Account.Pro.Public.HttpApi)" in 13.5452ms [14:10:09 INF] [Product] Executed endpoint '"Volo.Abp.Account.ProfileController.GetAsync (Volo.Abp.Account.Pro.Public.HttpApi)"' [14:10:09 INF] [] Finished handling request. [14:10:09 INF] [] Request finished "HTTP/2" "GET" "https"://"localhost:44359""""/api/account/my-profile""" - 500 null "application/json" 195.4187msHi maliming,
I will check this one more time. Can we try a first approach, as it may work?
I have gone through the POC project, and after authenticating with the third-party IDP, we are redirected to the dashboard. After that, the following two API calls are automatically triggered from the Angular app to authenticate with our IDP:
https://localhost:44333/connect/authorize
https://localhost:44333/connect/authorize
However, when we apply the same process in our existing application, after the redirect to the dashboard, these two APIs are not being called automatically.
I have some question ?
- This API not authenticated with our IDP that's why redirect to logout page right ?
- As per my understanding above two screen shot API is base method API?
- We override your login page done some custom changes that why not authorize first approach ?
For your reference i will share to you POC project as well as OIDC AUTH0 IDP server credentials. can you pls check and guide as per my understanding first approach it will work.
We need force fully call below method and authenticate with our IDP . https://localhost:44333/connect/authorize
please suggest .
suggest on this
-
0
unauthorized_client: Callback URL mismatch. https://localhost:44333/signin-oidc is not in the list of allowed callback URLs
-
0
ok give me 5 mint
-
0
sure : )
-
0
add call back url "CallbackPath": "/api/oidc/ExternalLoginCallback" SSOAppTemplate.AuthServer appsetting.json
SSOAppTemplateAuthServerModule.cs file add below line inside ConfigureServices method
options.CallbackPath = configuration["Authentication:OpenIDConnect:CallbackPath"];
-
0
The process are:
- localhost:4200 -> login -> redirect - https://localhost:44333/Account/Login
OpenIdConnect->auth0.com(redirect url is https://localhost:44333/api/oidc/ExternalLoginCallback)- signing at auth0 ->
https://localhost:44333/api/oidc/ExternalLoginCallback->http://localhost:4200/?code=UAbYIzkcPox30xx - success
The access_token are issuer from https://localhost:44333 instead of auth0.com
-
0
you successfully redirected to dashboard right ?
-
0
Yes
-
0
Same POC code i have implemented in my existing project. However, after redirect to dashboard, In My project connect/authorize and http://localhost:4200/?code=UAbYIzkcPox30xx API as well not call automatically from angular.
IF you see POC project in network tab you able to find out after redirect dashboard .
connect/authorize and and http://localhost:4200/?code=UAbYIzkcPox30xx automatically call from angular .If i am correct how to resolved this or my observation is not correct ? pls suggest.
-
0
hi
Can you share the
harfile again?The
redirect uriof the POC project and your previous request are different.Please re-record the har of your project.
Thanks.
-
0
hi
Can you share the
harfile again?The
redirect uriof the POC project and your previous request are different.Please re-record the har of your project.
Thanks.
As per our earlier discussion, you suggested that I change the approach. As a result, I moved all the code from the API to the Angular side, which is why the redirect URL is now different:
http://localhost:4200/oidcredirectHowever, we will set aside this approach for now. As per the POC project, we will follow the original approach.
Below is the POC redirect URL. We will now follow this POC code approach.
-
0
ok, Can you share the
haragain and anaccess_token?I want to confirm your angular has same process as https://abp.io/support/questions/8267/Tenant-Id-and-Tenant-Name-Not-Set-in-Header-After-Dashboard-Redirect-SSO-OIDC#answer-3a163675-cf75-bff7-f6b5-ea26eb547742
-
0
ok sure
-
0
Thanks.
-
0
Hi, I have shared har over email please check and let me know if you required any other information.
Thanks.
-
0
hi
Can I check it by zoom? Your process and POC project are different.
Please use zoom client join and share your screen.
https://us05web.zoom.us/j/81532058135?pwd=IwBnxMffhlJsUptdHTdYomYviAfeDD.1
-
0
I didn't see such a process:
- localhost:4200 -> login -> redirect - https://localhost:44333/Account/Login
- OpenIdConnect -> auth0.com(redirect url is https://localhost:44333/api/oidc/ExternalLoginCallback)
- signing at auth0 -> https://localhost:44333/api/oidc/ExternalLoginCallback -> http://localhost:4200/?code=UAbYIzkcPox30xx
- success
-
0
hi
Can I check it by zoom? Your process and POC project are different.
Please use zoom client join and share your screen.
https://us05web.zoom.us/j/81532058135?pwd=IwBnxMffhlJsUptdHTdYomYviAfeDD.1
sure.. can you pls share one time zoom link i will connect
