We are having issues too but it seems like the nuget server should be online again soon according to their discord.
Hi,
I will review your progress on keycloak integration for the eshoponabp project and await the final guide in the documentation.
Thank you.
In an announcement on github you have spoken about possible solutions to replacing IdentityServer4. One of solutions was to replace it with OpenIdDict which I see that you have covered as part of ABP 6. However you also spoke about describing the process of migrating existing solutions based on IDS4 to Keycloak but I dont see any guides/documents related to this on the commercial documentation website.
Where can I find documentation of how to migrate from IDS4 to Keycloak for the tiered and/or non-tiered template solution?
Audience option was not set correctly
context.Services.AddAuthentication()
// IdentityServer
.AddJwtBearer(options =>
{
options.Authority = configuration["AuthServer:Authority"];
options.RequireHttpsMetadata = false;
options.ClaimsIssuer = "Stella";
--> options.Audience = "Stella";
options.BackchannelHttpHandler = new HttpClientHandler
{
ServerCertificateCustomValidationCallback = HttpClientHandler.DangerousAcceptAnyServerCertificateValidator
};
});
After updating our applications from ABP v.4.4.4 to v.5.3.0 and handling breaking changes as described in the ABP docs migration guides, we are experiencing an unexpected authorization behavior in our web application (Angular). When we are running the API/IdentityServer with the Angular application we are able to successfully authenticate after entering correct credentials at the login page, receive a JWT and redirect to the Angular application. However when attempting to use any controller endpoint the response code is always 401 with a 'Volo.Abp.Authorization.AbpAuthorizationException' even though the role of the authenticated user allows everything. It seems like the API is either not doing any JWT validation at all or is not properly keeping track of the user session.
Below is our configuration of authentication which also makes use of MongoDB for DataProtection API storage to support our load balanced setup in production. When inspecting the MongoDB collections we can see that keys and sessions are created as expected.
private void ConfigureAuthentication(ServiceConfigurationContext context, IConfiguration configuration)
{
var mongoUrlBuilder = new MongoUrlBuilder(Environment.GetEnvironmentVariable("MONGODB_CONNECTION_STRING") + Environment.GetEnvironmentVariable("MONGODB_CONNECTION_PARAMS"));
var mongoClient = new MongoClient(mongoUrlBuilder.ToMongoUrl());
context.Services.AddDataProtection().SetApplicationName(Environment.GetEnvironmentVariable("DATA_PROTECTION_APPLICATION_NAME")).PersistKeysToMongoDb(() => mongoClient.GetDatabase(Environment.GetEnvironmentVariable("MONGODB_DATA_PROTECTION_DATABASE_NAME")));
context.Services.ConfigureApplicationCookie(options =>
{
options.SessionStore = new MongoDbTicketStore(new MongoDbTicketStoreOptions()
{
Database = mongoClient.GetDatabase(Environment.GetEnvironmentVariable("MONGODB_DATA_PROTECTION_DATABASE_NAME")),
CollectionName = Environment.GetEnvironmentVariable("MONGODB_AUTH_SESSION_STORE_COLLECTION_NAME")
});
});
Configure<IdentityServerOptions>(options => { options.IssuerUri = configuration["App:SelfUrl"]; });
context.Services.AddAuthentication()
// IdentityServer
.AddJwtBearer(options =>
{
options.Authority = configuration["AuthServer:Authority"];
options.RequireHttpsMetadata = false;
options.ClaimsIssuer = "Stella";
options.BackchannelHttpHandler = new HttpClientHandler
{
ServerCertificateCustomValidationCallback = HttpClientHandler.DangerousAcceptAnyServerCertificateValidator
};
});
}
When inspecting the network logs in a browser after authenticating the user and being redirected to the Angular app we also noticed that the "currentUser" segment of the response from api/abp/application-configuration show null values.
We have not replaced any components in ThemeLeptonModule.
Are there any files from our project that could help you determine if there is any other problem? I can send them to you if you want to take a look.
The app.module.ts
in our updated project is using the same import as seen in a new project template based on v4.2.2:
import { HttpErrorComponent, ThemeLeptonModule } from '@volo/abp.ng.theme.lepton';
. . .
ThemeLeptonModule.forRoot()
We've found source of the problem. It will be fixed in next version.
Thank you, that is great to hear. I will be looking forward to this update, and use a different version (4.0.0) in the meantime.
hi
I suggest you create a new project with v4.2.2, and then check/compare the code.
My issue with redirect after user logout has been fixed. It was fortunately simply caused by a missing :
character in the postlogoutredirecturl for the angular client.
Regarding the last issue "Other pages", I have tried comparing our project with a new project based on a v4.2.2 template and also tried creating a new entity in the updated project with the abp suite. Even this new entity produces the same error:
ERROR TypeError: this.mouseMoveSubscription is undefined
at ngOnDestroy volo-abp.ng.theme.lepton.js:1007
ngOnDestroy() {
this.mouseMoveSubscription.unsubscribe();
}
Removing the code inside ngOnDestroy() from the compiled volo-abp.ng.theme.lepton.js file enables us to open the fully working pages which would otherwise throw the error. This is obviously not a suitable solution but it proves that that the pages is actually working once we are able to navigate into them.
Compared to a template project, I don't see any differences between the package.json files which would cause this. The issues is quite breaking for our development so I would hope that this could get solved.
Package.json
{
"name": "stella",
"version": "0.0.0",
"scripts": {
"ng": "ng",
"start": "ng serve --open",
"debug": "ng serve",
"build": "ng build",
"build:prod": "ng build --prod",
"build:test": "ng build --configuration test",
"test": "ng test",
"lint": "ng lint",
"e2e": "ng e2e"
},
"private": true,
"dependencies": {
"@abp/ng.components": "~4.2.2",
"@abp/ng.core": "~4.2.2",
"@abp/ng.setting-management": "~4.2.2",
"@abp/ng.theme.shared": "~4.2.2",
"@agm/core": "^3.0.0-beta.0",
"@angular-devkit/core": "^11.2.5",
"@angular/animations": "~11.2.6",
"@angular/common": "~11.2.6",
"@angular/compiler": "~11.2.6",
"@angular/core": "^11.2.6",
"@angular/forms": "~11.2.6",
"@angular/google-maps": "^10.1.3",
"@angular/platform-browser": "~11.2.6",
"@angular/platform-browser-dynamic": "~11.2.6",
"@angular/router": "~11.2.6",
"@material/dialog": "^8.0.0",
"@progress/kendo-angular-common": "^1.2.3",
"@progress/kendo-angular-dropdowns": "^4.3.2",
"@progress/kendo-angular-l10n": "^2.0.2",
"@progress/kendo-angular-popup": "^3.0.6",
"@types/file-saver": "^2.0.1",
"@types/googlemaps": "3.39.3",
"@volo/abp.commercial.ng.ui": "~4.2.2",
"@volo/abp.ng.account": "~4.2.2",
"@volo/abp.ng.audit-logging": "~4.2.2",
"@volo/abp.ng.identity": "~4.2.2",
"@volo/abp.ng.identity-server": "~4.2.2",
"@volo/abp.ng.language-management": "~4.2.2",
"@volo/abp.ng.saas": "~4.2.2",
"@volo/abp.ng.text-template-management": "~4.2.2",
"@volo/abp.ng.theme.lepton": "~4.2.2",
"file-saver": "^2.0.5",
"google-libphonenumber": "^3.2.17",
"intl-tel-input": "^17.0.3",
"ng2-date-picker": "11.0.0",
"ngx-bootstrap": "^6.2.0",
"ngx-intl-tel-input": "^3.0.5",
"rxjs": "~6.5.4",
"tslib": "^2.0.0",
"zone.js": "~0.10.2"
},
"devDependencies": {
"@abp/ng.schematics": "~4.2.2",
"@angular-devkit/build-angular": "^0.1102.5",
"@angular/cli": "^11.2.5",
"@angular/compiler-cli": "~11.2.6",
"@angular/language-service": "~11.2.6",
"@types/googlemaps": "3.39.3",
"@types/jasmine": "~3.6.0",
"@types/jasminewd2": "~2.0.3",
"@types/node": "^12.19.12",
"jasmine-core": "~3.6.0",
"jasmine-spec-reporter": "~5.0.0",
"karma": "~6.2.0",
"karma-chrome-launcher": "~3.1.0",
"karma-coverage-istanbul-reporter": "~3.0.2",
"karma-jasmine": "~4.0.0",
"karma-jasmine-html-reporter": "^1.5.0",
"ng-packagr": "^11.2.4",
"protractor": "~7.0.0",
"ts-node": "~8.3.0",
"tslint": "~6.1.0",
"typescript": "~4.1.5"
}
}
Hi maliming!
Our package.json was missing "@volo/account": "^4.2.2"
so after running yarn & gulp as you suggested, the issue with accessing profile page has been solved.
{
"version": "1.0.0",
"name": "my-app",
"private": true,
"dependencies": {
"@volo/abp.aspnetcore.mvc.ui.theme.lepton": "^4.2.2",
"@volo/account": "^4.2.2",
"gulp": "^4.0.2"
}
}
The signout button still seems to be missing as described in section "No redirect on user logout", so users will not be redirected properly on logout.
The issues I had with accessing other pages in angular does not however seem to be related to this issue and has not been solved. Do you have an idea of what is wrong here? (see "other pages" section of first post). I have not been able to identitify the error further but it seems to be caused by a new version of the lepton theme?