Activities of "AlderCove"

I sent the project link to info@abp.com.

Here are some more details on the exception that occurs when the RedirectAllowedUrls setting is added for the public website:

I created a new project with abp suite and was able to isolate the issue a little better.

ABP Framework version: v5.1.4 UI type: Angular DB provider: EF Core Tiered (MVC) or Identity Server Separated (Angular): yes Public website: yes

Running in locally with Null Email Sender in use.

The issue arises in the following scenario:

1. Navigate to the web public page
2. Click Login (navigates to Identity server)
3. Click Forgot password
4. Enter email for password reset
5. Copy & paste the password reset link from the Identity Server log into browser (ie. https://localhost:44349/Account/ResetPassword?userId=bcece16c-6098-6c0c-1ad3-3a045aecf37c&__tenant=&resetToken=CfDJ8PxMEPuK7GlJjYKAHwu3dDapqpsWhVzKFziM6xXtptAvMFgXVCOc%2BIIWnBiY1Uq0GDOOmno4yc99Ur26Zu4GCQPTDDino5Ix8dGgf6meYEtyXo%2FpH0VQlhB3C%2F0Rhy6h0lfn6lFkXK0yqHQGjTIB22xWUfYlzljkJDmCc%2FFy%2BuOR5PV8sMSKOvkUPz6T0bwUUCtrg1qRgKgL5l%2FeUWdijBcffVip%2B1nRPJ2ijhnVqS0j&returnUrl=https://localhost:44306/signin-oidc)
6. On Reset Password page, enter new password
7. On Reset Pasword Confirmation page, press Go to the application
8. On Login page, enter credentials and Login.
9. System redirects to the Identity Server page (even though the return url in the password reset is to the public website "https://localhost:44306/signin-oidc")

As a result of this issue, we had added a redirect setting (https://localhost:44306) in the appsettings for the identity server project:

"RedirectAllowedUrls": "http://localhost:4200,https://localhost:44307,https://localhost:44306"

When the redirect url is added, the exception described above is thrown (RemoteAuthentication: OpenIdConnectAuthenticationHandler: message.State is null or empty.).

We also tried with the RedirectAllowedUrl of "https://localhost:44306/signin-oidc" with the same result.

private void ConfigureAuthentication(ServiceConfigurationContext context, IConfiguration configuration)
{
    context.Services.AddAuthentication(options =>
    {
        options.DefaultScheme = "Cookies";
        options.DefaultChallengeScheme = "oidc";
    })
        .AddCookie("Cookies", options =>
        {
            options.ExpireTimeSpan = TimeSpan.FromDays(365);
        })
        .AddAbpOpenIdConnect("oidc", options =>
        {
            options.Authority = configuration["AuthServer:Authority"];
            options.RequireHttpsMetadata = Convert.ToBoolean(configuration["AuthServer:RequireHttpsMetadata"]); ;
            options.ResponseType = OpenIdConnectResponseType.CodeIdToken;

            options.ClientId = configuration["AuthServer:ClientId"];
            options.ClientSecret = configuration["AuthServer:ClientSecret"];

            options.SaveTokens = true;
            options.GetClaimsFromUserInfoEndpoint = true;

            options.Scope.Add("role");
            options.Scope.Add("email");
            options.Scope.Add("phone");
            options.Scope.Add("Portal");
        });
}

I am encountering the same issue running the application locally, outside of docker.

a) Navigate to url:

https://localhost:44309/Account/Login?ReturnUrl=https%3A%2F%2Flocalhost%3A44306%2Fsignin-oidc

b) Login :

c) Exception:

d) web public log file:

2022-06-07 14:37:48.835 -07:00 [INF] Error from RemoteAuthentication: OpenIdConnectAuthenticationHandler: message.State is null or empty.. 2022-06-07 14:37:48.836 -07:00 [ERR] An unhandled exception has occurred while executing the request. System.Exception: An error was encountered while handling the remote login. ---> System.Exception: OpenIdConnectAuthenticationHandler: message.State is null or empty. --- End of inner exception stack trace --- at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler`1.HandleRequestAsync() at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context) at Microsoft.AspNetCore.Localization.RequestLocalizationMiddleware.Invoke(HttpContext context) at Microsoft.AspNetCore.RequestLocalization.AbpRequestLocalizationMiddleware.InvokeAsync(HttpContext context, RequestDelegate next) at Microsoft.AspNetCore.Builder.UseMiddlewareExtensions.<>c__DisplayClass6_1.<

This works - thanks!

hi

Can you direct share a template project with me? liming.ma@volosoft.com

I will check it locally.

sent shared link to your email. thx

Worked a charm!

Thanks so much.

Hi @maliming

I'd prefer not to share, are you unable to reproduce the error?

Thanks Jamie

OK. Thanks.

I assume this also applies to adding extra properties to CMS kit entities since I tried adding some to the blog post entity but it did not seem to work either?

The extra properties feature appears to be tied to the module extension system: https://docs.abp.io/en/abp/latest/Customizing-Application-Modules-Extending-Entities

You can then use the same extra properties system defined in the previous section to manipulate the property over the entity.

Can you recommend an approach for adding additional properties? Do I need to create a new entity with these properties, create my own service and override the UI? https://docs.abp.io/en/abp/latest/Customizing-Application-Modules-Extending-Entities#creating-a-new-entity-with-its-own-database-table-collection

related badly formed path issue for linux I think:

https://support.abp.io/QA/Questions/2209/Bugs--Issues-v5X#answer-9ad254be-2d53-a4ca-0fe9-3a0191e0d611