Open Closed

Tenant-Id and Tenant-Name Not Set in Header After Dashboard Redirect (SSO OIDC) #8267


User avatar
0
Repunjay_TASC created

Tenant-Id and Tenant-Name Not Set in Header After Dashboard Redirect (SSO OIDC) #8132

https://abp.io/support/questions/8132/Tenant-Id-and-Tenant-Name-Not-Set-in-Header-After-Dashboard-Redirect-SSO-OIDC?CurrentPage=5


55 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    The log does not contain the internal exception.

    The logs of this 500 error should exist on the project, which depends on the AbpAccountPublicApplicationModule(Volo.Abp.Account.Pro.Public.Application) module.

    [14:10:09 INF] [] Request starting "HTTP/2" "GET" "https"://"localhost:44359""""/api/account/my-profile""" - null null
    [14:10:09 INF] [] CORS policy execution successful.
    [14:10:09 INF] [] Handling request: /api/account/my-profile
    [14:10:09 INF] [] Handling request logProject: product
    [14:10:09 INF] [] Handling request logProjectGroupName: /ecs/product-dev-gateway
    [14:10:09 INF] [] Handling request logProject change tenant: product
    [14:10:09 INF] [Product] Executing endpoint '"Volo.Abp.Account.ProfileController.GetAsync (Volo.Abp.Account.Pro.Public.HttpApi)"'
    [14:10:09 INF] [Product] Route matched with "{area = \"account\", controller = \"Profile\", action = \"Get\", page = \"\"}". Executing controller action with signature "System.Threading.Tasks.Task`1[Volo.Abp.Account.ProfileDto] GetAsync()" on controller "Volo.Abp.Account.ProfileController" ("Volo.Abp.Account.Pro.Public.HttpApi").
    [14:10:09 INF] [Product] Executed action "Volo.Abp.Account.ProfileController.GetAsync (Volo.Abp.Account.Pro.Public.HttpApi)" in 13.5452ms
    [14:10:09 INF] [Product] Executed endpoint '"Volo.Abp.Account.ProfileController.GetAsync (Volo.Abp.Account.Pro.Public.HttpApi)"'
    [14:10:09 INF] [] Finished handling request.
    [14:10:09 INF] [] Request finished "HTTP/2" "GET" "https"://"localhost:44359""""/api/account/my-profile""" - 500 null "application/json" 195.4187ms
    
  • User Avatar
    0
    Repunjay_TASC created

    The log does not contain the internal exception.

    The logs of this 500 error should exist on the project, which depends on the AbpAccountPublicApplicationModule(Volo.Abp.Account.Pro.Public.Application) module.

    [14:10:09 INF] [] Request starting "HTTP/2" "GET" "https"://"localhost:44359""""/api/account/my-profile""" - null null 
    [14:10:09 INF] [] CORS policy execution successful. 
    [14:10:09 INF] [] Handling request: /api/account/my-profile 
    [14:10:09 INF] [] Handling request logProject: product 
    [14:10:09 INF] [] Handling request logProjectGroupName: /ecs/product-dev-gateway 
    [14:10:09 INF] [] Handling request logProject change tenant: product 
    [14:10:09 INF] [Product] Executing endpoint '"Volo.Abp.Account.ProfileController.GetAsync (Volo.Abp.Account.Pro.Public.HttpApi)"' 
    [14:10:09 INF] [Product] Route matched with "{area = \"account\", controller = \"Profile\", action = \"Get\", page = \"\"}". Executing controller action with signature "System.Threading.Tasks.Task`1[Volo.Abp.Account.ProfileDto] GetAsync()" on controller "Volo.Abp.Account.ProfileController" ("Volo.Abp.Account.Pro.Public.HttpApi"). 
    [14:10:09 INF] [Product] Executed action "Volo.Abp.Account.ProfileController.GetAsync (Volo.Abp.Account.Pro.Public.HttpApi)" in 13.5452ms 
    [14:10:09 INF] [Product] Executed endpoint '"Volo.Abp.Account.ProfileController.GetAsync (Volo.Abp.Account.Pro.Public.HttpApi)"' 
    [14:10:09 INF] [] Finished handling request. 
    [14:10:09 INF] [] Request finished "HTTP/2" "GET" "https"://"localhost:44359""""/api/account/my-profile""" - 500 null "application/json" 195.4187ms 
    

    Hi maliming,

    I will check this one more time. Can we try a first approach, as it may work?

    I have gone through the POC project, and after authenticating with the third-party IDP, we are redirected to the dashboard. After that, the following two API calls are automatically triggered from the Angular app to authenticate with our IDP:

    https://localhost:44333/connect/authorize

    1. https://localhost:44333/connect/authorize

    However, when we apply the same process in our existing application, after the redirect to the dashboard, these two APIs are not being called automatically.

    I have some question ?

    1. This API not authenticated with our IDP that's why redirect to logout page right ?
    2. As per my understanding above two screen shot API is base method API?
    3. We override your login page done some custom changes that why not authorize first approach ?

    For your reference i will share to you POC project as well as OIDC AUTH0 IDP server credentials. can you pls check and guide as per my understanding first approach it will work.

    We need force fully call below method and authenticate with our IDP . https://localhost:44333/connect/authorize

    please suggest .

  • User Avatar
    0
    Repunjay_TASC created

    POC project not able to shared you because browser restriction

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    POC project not able to shared you because browser restriction

    What does that mean?

    You can share the project via one drive, google drive or https://wetransfer.com/

    Please include the steps to reproduce the problem.

    Thanks.

  • User Avatar
    0
    Repunjay_TASC created

    Hi

    shared pls check

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    ok

    I have downloaded your project. Can you share the steps to reproduce the problem?

    Thanks.

  • User Avatar
    0
    Repunjay_TASC created

    ok

    I have downloaded your project. Can you share the steps to reproduce the problem?

    Thanks.

    This is POC project not mine can you pls run your side able to redirect to dashboard..

    hit below url in browser, it will make an API call to the SSO login endpoint.

    http://localhost:4200?idp=oidc

  • User Avatar
    0
    Repunjay_TASC created

    The log does not contain the internal exception.

    The logs of this 500 error should exist on the project, which depends on the AbpAccountPublicApplicationModule(Volo.Abp.Account.Pro.Public.Application) module.

    [14:10:09 INF] [] Request starting "HTTP/2" "GET" "https"://"localhost:44359""""/api/account/my-profile""" - null null  
    [14:10:09 INF] [] CORS policy execution successful.  
    [14:10:09 INF] [] Handling request: /api/account/my-profile  
    [14:10:09 INF] [] Handling request logProject: product  
    [14:10:09 INF] [] Handling request logProjectGroupName: /ecs/product-dev-gateway  
    [14:10:09 INF] [] Handling request logProject change tenant: product  
    [14:10:09 INF] [Product] Executing endpoint '"Volo.Abp.Account.ProfileController.GetAsync (Volo.Abp.Account.Pro.Public.HttpApi)"'  
    [14:10:09 INF] [Product] Route matched with "{area = \"account\", controller = \"Profile\", action = \"Get\", page = \"\"}". Executing controller action with signature "System.Threading.Tasks.Task`1[Volo.Abp.Account.ProfileDto] GetAsync()" on controller "Volo.Abp.Account.ProfileController" ("Volo.Abp.Account.Pro.Public.HttpApi").  
    [14:10:09 INF] [Product] Executed action "Volo.Abp.Account.ProfileController.GetAsync (Volo.Abp.Account.Pro.Public.HttpApi)" in 13.5452ms  
    [14:10:09 INF] [Product] Executed endpoint '"Volo.Abp.Account.ProfileController.GetAsync (Volo.Abp.Account.Pro.Public.HttpApi)"'  
    [14:10:09 INF] [] Finished handling request.  
    [14:10:09 INF] [] Request finished "HTTP/2" "GET" "https"://"localhost:44359""""/api/account/my-profile""" - 500 null "application/json" 195.4187ms  
    

    Hi maliming,

    I will check this one more time. Can we try a first approach, as it may work?

    I have gone through the POC project, and after authenticating with the third-party IDP, we are redirected to the dashboard. After that, the following two API calls are automatically triggered from the Angular app to authenticate with our IDP:

    https://localhost:44333/connect/authorize

    1. https://localhost:44333/connect/authorize

    However, when we apply the same process in our existing application, after the redirect to the dashboard, these two APIs are not being called automatically.

    I have some question ?

    1. This API not authenticated with our IDP that's why redirect to logout page right ?
    2. As per my understanding above two screen shot API is base method API?
    3. We override your login page done some custom changes that why not authorize first approach ?

    For your reference i will share to you POC project as well as OIDC AUTH0 IDP server credentials. can you pls check and guide as per my understanding first approach it will work.

    We need force fully call below method and authenticate with our IDP . https://localhost:44333/connect/authorize

    please suggest .

    suggest on this

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    unauthorized_client: Callback URL mismatch. https://localhost:44333/signin-oidc is not in the list of allowed callback URLs

  • User Avatar
    0
    Repunjay_TASC created

    ok give me 5 mint

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    sure : )

  • User Avatar
    0
    Repunjay_TASC created

    add call back url "CallbackPath": "/api/oidc/ExternalLoginCallback" SSOAppTemplate.AuthServer appsetting.json

    SSOAppTemplateAuthServerModule.cs file add below line inside ConfigureServices method

    options.CallbackPath = configuration["Authentication:OpenIDConnect:CallbackPath"];

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    The process are:

    1. localhost:4200 -> login -> redirect - https://localhost:44333/Account/Login
    2. OpenIdConnect -> auth0.com(redirect url is https://localhost:44333/api/oidc/ExternalLoginCallback)
    3. signing at auth0 -> https://localhost:44333/api/oidc/ExternalLoginCallback -> http://localhost:4200/?code=UAbYIzkcPox30xx
    4. success

    The access_token are issuer from https://localhost:44333 instead of auth0.com

  • User Avatar
    0
    Repunjay_TASC created

    you successfully redirected to dashboard right ?

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    Yes

  • User Avatar
    0
    Repunjay_TASC created

    Same POC code i have implemented in my existing project. However, after redirect to dashboard, In My project connect/authorize and http://localhost:4200/?code=UAbYIzkcPox30xx API as well not call automatically from angular.

    IF you see POC project in network tab you able to find out after redirect dashboard . connect/authorize and and http://localhost:4200/?code=UAbYIzkcPox30xx automatically call from angular .

    If i am correct how to resolved this or my observation is not correct ? pls suggest.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    Can you share the har file again?

    The redirect uri of the POC project and your previous request are different.

    Please re-record the har of your project.

    Thanks.

  • User Avatar
    0
    Repunjay_TASC created

    hi

    Can you share the har file again?

    The redirect uri of the POC project and your previous request are different.

    Please re-record the har of your project.

    Thanks.

    As per our earlier discussion, you suggested that I change the approach. As a result, I moved all the code from the API to the Angular side, which is why the redirect URL is now different: http://localhost:4200/oidcredirect

    However, we will set aside this approach for now. As per the POC project, we will follow the original approach.

    Below is the POC redirect URL. We will now follow this POC code approach.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    ok, Can you share the har again and an access_token?

    I want to confirm your angular has same process as https://abp.io/support/questions/8267/Tenant-Id-and-Tenant-Name-Not-Set-in-Header-After-Dashboard-Redirect-SSO-OIDC#answer-3a163675-cf75-bff7-f6b5-ea26eb547742

  • User Avatar
    0
    Repunjay_TASC created

    ok sure

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    Thanks.

  • User Avatar
    0
    Repunjay_TASC created

    Hi, I have shared har over email please check and let me know if you required any other information.

    Thanks.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    Can I check it by zoom? Your process and POC project are different.

    Please use zoom client join and share your screen.

    https://us05web.zoom.us/j/81532058135?pwd=IwBnxMffhlJsUptdHTdYomYviAfeDD.1

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    I didn't see such a process:

    • localhost:4200 -> login -> redirect - https://localhost:44333/Account/Login
    • OpenIdConnect -> auth0.com(redirect url is https://localhost:44333/api/oidc/ExternalLoginCallback)
    • signing at auth0 -> https://localhost:44333/api/oidc/ExternalLoginCallback -> http://localhost:4200/?code=UAbYIzkcPox30xx
    • success
  • User Avatar
    0
    Repunjay_TASC created

    hi

    Can I check it by zoom? Your process and POC project are different.

    Please use zoom client join and share your screen.

    https://us05web.zoom.us/j/81532058135?pwd=IwBnxMffhlJsUptdHTdYomYviAfeDD.1

    sure.. can you pls share one time zoom link i will connect

Made with ❤️ on ABP v9.1.0-preview. Updated on November 11, 2024, 11:11