Activities of "NH-Support"

Thank you for support

1- for bundle files I follow the steps but get some issue :

@volosoft/ngx-lepton-x.abp I try to download this package separatly but return not found error

I try to use @volosoft/abp.ng.theme.lepton-x but provideThemeLeptonX, withThemeLeptonXOptions not defiend within it

2- for call abp end points I didn't find a solution to replace abp controller call from angular

Ok waiting the Angular team also inside the services file I didn't find the Url for replace for example this is the AbpApiDefinitionService:

Thank you for reply How to override the Angular services to replace the URL? I couldn't find it within the documentation

Not fixing

I put RequireHttpsMetadata = false and use http://auth/.well-known/openid-configuration but internally still request /authorize and other configuration using https and couldn't link internal url with certificate the solution for me was disable the certificate check and now it is working

Thank you for your support

We are deploying our ABP-based application(layered app ) using two microservices in Kubernetes: an Auth Server and a Host API.

In the Host API, we configure JWT authentication using AddAbpJwtBearer() with Authority and the MetadataAddress wich pointing to the internal service address of the Auth Server

This is the identitymodel log:

[Error]06/29/2025 12:45:16 Message: IDX20804: Unable to retrieve document from: 'https://auth/.well-known/openid-configuration'., InnerException: The SSL connection could not be established, see inner exception. [Error]06/29/2025 12:45:16 Message: IDX20806: Unable to obtain an updated configuration from: 'https://auth/.well-known/openid-configuration'. Returning the current configuration. Exception: 'System.IO.IOException: IDX20804: Unable to retrieve document from: 'https://auth/.well-known/openid-configuration'. ---> System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure: RemoteCertificateNameMismatch at System.Net.Security.SslStream.SendAuthResetSignal(ReadOnlySpan1 alert, ExceptionDispatchInfo exception) at System.Net.Security.SslStream.CompleteHandshake(SslAuthenticationOptions sslAuthenticationOptions) at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](Boolean receiveFirst, Byte[] reAuthenticationData, CancellationToken cancellationToken) at System.Net.Http.ConnectHelper.EstablishSslConnectionAsync(SslClientAuthenticationOptions sslOptions, HttpRequestMessage request, Boolean async, Stream stream, CancellationToken cancellationToken) --- End of inner exception stack trace --- at System.Net.Http.ConnectHelper.EstablishSslConnectionAsync(SslClientAuthenticationOptions sslOptions, HttpRequestMessage request, Boolean async, Stream stream, CancellationToken cancellationToken) at System.Net.Http.HttpConnectionPool.ConnectAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken) at System.Net.Http.HttpConnectionPool.CreateHttp11ConnectionAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken) at System.Net.Http.HttpConnectionPool.InjectNewHttp11ConnectionAsync(QueueItem queueItem) at System.Threading.Tasks.TaskCompletionSourceWithCancellation1.WaitWithCancellationAsync(CancellationToken cancellationToken) at System.Net.Http.HttpConnectionPool.SendWithVersionDetectionAndRetryAsync(HttpRequestMessage request, Boolean async, Boolean doRequestAuth, CancellationToken cancellationToken) at System.Net.Http.DiagnosticsHandler.SendAsyncCore(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken) at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken) at System.Net.Http.HttpClient.<SendAsync>g__Core|83_0(HttpRequestMessage request, HttpCompletionOption completionOption, CancellationTokenSource cts, Boolean disposeCts, CancellationTokenSource pendingRequestsCts, CancellationToken originalCancellationToken) at Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.SendAndRetryOnNetworkErrorAsync(HttpClient httpClient, Uri uri) at Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(String address, CancellationToken cancel) --- End of inner exception stack trace --- at Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(String address, CancellationToken cancel) at Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfigurationRetriever.GetAsync(String address, IDocumentRetriever retriever, CancellationToken cancel) at Microsoft.IdentityModel.Protocols.ConfigurationManager1.GetConfigurationAsync(CancellationToken cancel)., InnerException: IDX20804: Unable to retrieve document from: 'https://auth/.well-known/openid-configuration'. [Error]06/29/2025 12:45:16 Message: IDX20803: Unable to obtain configuration from: 'https://auth/.well-known/openid-configuration'. Will retry at '1/1/0001 12:00:00 AM +00:00'. Exception: 'System.IO.IOException: IDX20804: Unable to retrieve document from: 'https://auth/.well-known/openid-configuration'. ---> System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure: RemoteCertificateNameMismatch at System.Net.Security.SslStream.SendAuthResetSignal(ReadOnlySpan1 alert, ExceptionDispatchInfo exception) at System.Net.Security.SslStream.CompleteHandshake(SslAuthenticationOptions sslAuthenticationOptions) at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](Boolean receiveFirst, Byte[] reAuthenticationData, CancellationToken cancellationToken) at System.Net.Http.ConnectHelper.EstablishSslConnectionAsync(SslClientAuthenticationOptions sslOptions, HttpRequestMessage request, Boolean async, Stream stream, CancellationToken cancellationToken) --- End of inner exception stack trace --- at System.Net.Http.ConnectHelper.EstablishSslConnectionAsync(SslClientAuthenticationOptions sslOptions, HttpRequestMessage request, Boolean async, Stream stream, CancellationToken cancellationToken) at System.Net.Http.HttpConnectionPool.ConnectAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken) at System.Net.Http.HttpConnectionPool.CreateHttp11ConnectionAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken) at System.Net.Http.HttpConnectionPool.InjectNewHttp11ConnectionAsync(QueueItem queueItem) at System.Threading.Tasks.TaskCompletionSourceWithCancellation`1.WaitWithCancellationAsync(CancellationToken cancellationToken) at System.Net.Http.HttpConnectionPool.SendWithVersionDetectionAndRetryAsync(HttpRequestMessage request, Boolean async, Boolean doRequestAuth, CancellationToken cancellationToken) at System.Net.Http.DiagnosticsHandler.SendAsyncCore(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken) at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken) at System.Net.Http.HttpClient.

We already try this solution and I mention it earlier we consume a lot of time trying to fix it but still token not validated please provide us with tested solution because in microservice template this portion is not configured well : options.TokenValidationParameters = new TokenValidationParameters { ValidIssuers = new[] { configuration["AuthServer:Authority"].EnsureEndsWith('/') } };

Sorry I can't send a Template via email because the environment that developers work on it restricted

but you can share me one template that is working using Hangfire dashoard with separate OAuth because even on the new project template the dashboard not opening when I add authorization option to dashboard so please share a working solution with correct client configuration in order to follow it

This is the last log 2025-06-12 14:51:34.287 +04:00 [INF] AuthenticationScheme: Identity.External signed in. 2025-06-12 14:51:34.289 +04:00 [INF] Request finished HTTP/2 POST https://localhost:44349/signin-oidc - 302 null null 471.4384ms 2025-06-12 14:51:34.297 +04:00 [INF] Request starting HTTP/2 GET https://localhost:44349/hangfire - null null 2025-06-12 14:51:34.368 +04:00 [INF] AuthenticationScheme: oidc was challenged. 2025-06-12 14:51:34.376 +04:00 [INF] Request finished HTTP/2 GET https://localhost:44349/hangfire - 302 null null 78.6224ms 2025-06-12 14:51:34.600 +04:00 [INF] Request starting HTTP/2 POST https://localhost:44349/signin-oidc - application/x-www-form-urlencoded 1724

the problem the page still loading and not redirect to hangefire page it is stuck on this URL https://localhost:44371/connect/authorize?client_id=SmartClinicPro_HangeFire&redirect_uri=https%3A%2F%2Flocalhost%3A44349%2Fsignin-oidc&response_type=code%20id_token&scope=openid%20profile%20roles%20email%20phone%20SmartClinicPro&response_mode=form_post&nonce=638853224287721216.M2EyYzJlMjUtMmM5Zi00MTJlLWI5MWUtNDViYWFjNmUyZWFiMjRkMDQyMzQtZjA4OS00MzQwLTgxMDEtZTY0YTU2NmRhOWI4&state=CfDJ8CsR7lfmb1dNrxhuAn0fof5v61ZVPkbjyuLPC9SaRtKNxwaiTJvhWZ_4w13npyJMF0nxOn8SV3uA5bZGjGeRz4RYmIGNRVLsImwLz6XjDuUiKbXzaf-8sIWcWMn4QdShAxz4_54QVL0t0c7ZHnG5Lqq7xwbznTxvbQzhSqj3MYQMRI5YOtlN6o5rGiRB-egFXX7ZQY0ybIuSx9qey9cBxl4jQcxetxk_gctFDPNOi0rYOgUYJUrTKnuDfT7WVh0AUTyMrmbMAVcwtKWNmiW4jr46s_SvqpJviWyt7MSyyH8y6dKfzZtuCSVN9G4tShxcTQ&x-client-SKU=ID_NET9_0&x-client-ver=8.1.0.0 and still loading

note : Auth is separated

I updatesd the Redirect URi to : ["https://localhost:44349/signin-oidc"] now redirect to login page but after I entered the credincia and logged in the page not return to the hangefire it is enter in a loop and page still loading Auth server url: https://localhost:44371

https://localhost:44371/connect/authorize?client_id=SmartClinicPro_HangeFire&redirect_uri=https%3A%2F%2Flocalhost%3A44349%2Fsignin-oidc&response_type=code%20id_token&scope=openid%20profile%20roles%20email%20phone%20SmartClinicPro&response_mode=form_post&nonce=638853180483794824.ZTNjMDc0OTAtMWE2My00ZjE4LWEwNjMtMjE4N2YyNTQ4MDI5MWM0NWQzYzUtODQ1NC00NDhmLTk4YjMtMzc4Njk3OWJjNzY1&state=CfDJ8CsR7lfmb1dNrxhuAn0fof7e1GXEb5NBASVG61OVD1_kwMVd34x_Xa1bYIGVQ1oGTa1hEyXsXtRk694MXUP3gaURhRawDxEGHNCQDlvGGgl3HHc9T2UhACukLFB5-gNDScoDoosQRovetQIjX0fZYC4WUMr_zS9K8dBZGMRzvn20k-Sc39i3_zHiXWZoMYYuQsoMcfcutdflgCYgYT6Luu-NGcc_-JUEtm7f4tHyIhpT0Crq4t5xbh2b7TcA6lKFzTwOkO3rE0uqbLE8p53pGLk8NqDuyeFGtSgZAvC08bnC9mMkuCkYN_Z0L6fCAl6Tyw&x-client-SKU=ID_NET9_0&x-client-ver=8.1.0.0

and this is the last logs 2025-06-12 13:44:15.982 +04:00 [INF] AuthenticationScheme: oidc was challenged. 2025-06-12 13:44:15.984 +04:00 [INF] Request finished HTTP/2 GET https://localhost:44349/hangfire - 302 null null 4.2466ms 2025-06-12 13:44:16.159 +04:00 [INF] Request starting HTTP/2 POST https://localhost:44349/signin-oidc - application/x-www-form-urlencoded 1724 2025-06-12 13:44:16.161 +04:00 [INF] CORS policy execution failed. 2025-06-12 13:44:16.161 +04:00 [INF] Request origin https://localhost:44371 does not have permission to access the resource. 2025-06-12 13:44:16.351 +04:00 [INF] AuthenticationScheme: Identity.External signed in. 2025-06-12 13:44:16.353 +04:00 [INF] Request finished HTTP/2 POST https://localhost:44349/signin-oidc - 302 null null 193.6292ms 2025-06-12 13:44:16.358 +04:00 [INF] Request starting HTTP/2 GET https://localhost:44349/hangfire - null null 2025-06-12 13:44:16.361 +04:00 [INF] AuthenticationScheme: oidc was challenged. 2025-06-12 13:44:16.365 +04:00 [INF] Request finished HTTP/2 GET https://localhost:44349/hangfire - 302 null null 6.296ms 2025-06-12 13:44:16.546 +04:00 [INF] Request starting HTTP/2 POST https://localhost:44349/signin-oidc - application/x-www-form-urlencoded 1724 2025-06-12 13:44:16.547 +04:00 [INF] CORS policy execution failed. 2025-06-12 13:44:16.547 +04:00 [INF] Request origin https://localhost:44371 does not have permission to access the resource. 2025-06-12 13:44:16.740 +04:00 [INF] AuthenticationScheme: Identity.External signed in. 2025-06-12 13:44:16.741 +04:00 [INF] Request finished HTTP/2 POST https://localhost:44349/signin-oidc - 302 null null 195.7864ms 2025-06-12 13:44:16.746 +04:00 [INF] Request starting HTTP/2 GET https://localhost:44349/hangfire - null null 2025-06-12 13:44:16.748 +04:00 [INF] AuthenticationScheme: oidc was challenged. 2025-06-12 13:44:16.750 +04:00 [INF] Request finished HTTP/2 GET https://localhost:44349/hangfire - 302 null null 3.971ms 2025-06-12 13:44:16.942 +04:00 [INF] Request starting HTTP/2 POST https://localhost:44349/signin-oidc - application/x-www-form-urlencoded 1724 2025-06-12 13:44:16.943 +04:00 [INF] CORS policy execution failed. 2025-06-12 13:44:16.943 +04:00 [INF] Request origin https://localhost:44371 does not have permission to access the resource. 2025-06-12 13:44:17.114 +04:00 [INF] AuthenticationScheme: Identity.External signed in. 2025-06-12 13:44:17.116 +04:00 [INF] Request finished HTTP/2 POST https://localhost:44349/signin-oidc - 302 null null 173.9596ms 2025-06-12 13:44:17.121 +04:00 [INF] Request starting HTTP/2 GET https://localhost:44349/hangfire - null null 2025-06-12 13:44:17.124 +04:00 [INF] AuthenticationScheme: oidc was challenged. 2025-06-12 13:44:17.126 +04:00 [INF] Request finished HTTP/2 GET https://localhost:44349/hangfire - 302 null null 5.5092ms 2025-06-12 13:44:17.326 +04:00 [INF] Request starting HTTP/2 POST https://localhost:44349/signin-oidc - application/x-www-form-urlencoded 1724 2025-06-12 13:44:17.328 +04:00 [INF] CORS policy execution failed. 2025-06-12 13:44:17.328 +04:00 [INF] Request origin https://localhost:44371 does not have permission to access the resource. 2025-06-12 13:44:17.547 +04:00 [INF] AuthenticationScheme: Identity.External signed in. 2025-06-12 13:44:17.550 +04:00 [INF] Request finished HTTP/2 POST https://localhost:44349/signin-oidc - 302 null null 223.8674ms 2025-06-12 13:44:17.554 +04:00 [INF] Request starting HTTP/2 GET https://localhost:44349/hangfire - null null 2025-06-12 13:44:17.556 +04:00 [INF] AuthenticationScheme: oidc was challenged. 2025-06-12 13:44:17.558 +04:00 [INF] Request finished HTTP/2 GET https://localhost:44349/hangfire - 302 null null 3.5208ms 2025-06-12 13:44:17.742 +04:00 [INF] Request starting HTTP/2 POST https://localhost:44349/signin-oidc - application/x-www-form-urlencoded 1724 2025-06-12 13:44:17.743 +04:00 [INF] CORS policy execution failed. 2025-06-12 13:44:17.743 +04:00 [INF] Request origin https://localhost:44371 does not have permission to access the resource.