> dotnet --info .NET SDK: Version: 8.0.301 Commit: 1a0e9c0300 Workload version: 8.0.300-manifests.011fccd5 MSBuild version: 17.10.4+10fbfbf2e Runtime Environment: OS Name: Mac OS X OS Version: 14.5 OS Platform: Darwin RID: osx-arm64 Base Path: /usr/local/share/dotnet/sdk/8.0.301/ .NET workloads installed: [aspire] Installation Source: SDK 8.0.300 Manifest Version: 8.0.1/8.0.100 Manifest Path: /usr/local/share/dotnet/sdk-manifests/8.0.100/microsoft.net.sdk.aspire/8.0.1/WorkloadManifest.json Install Type: FileBased Host: Version: 8.0.6 Architecture: arm64 Commit: 3b8b000a0e .NET SDKs installed: 8.0.301 [/usr/local/share/dotnet/sdk] .NET runtimes installed: Microsoft.AspNetCore.App 8.0.6 [/usr/local/share/dotnet/shared/Microsoft.AspNetCore.App] Microsoft.NETCore.App 8.0.6 [/usr/local/share/dotnet/shared/Microsoft.NETCore.App] Other architectures found: x64 [/usr/local/share/dotnet/x64] registered at [/etc/dotnet/install_location_x64] Environment variables: Not set global.json file: Not found Learn more: https://aka.ms/dotnet/info Download .NET: https://aka.ms/dotnet/download > dotnet dev-certs https -v -ep openiddict.pfx -p 00000000-0000-0000-0000-000000000000 [1] Listing certificates from CurrentUser\My [2] Found certificates: 2 certificates 1) 8A29E32D03730B34A5C476AA01F36A769228667C - CN=localhost - Valid from 2023-08-20 13:35:18Z to 2024-08-19 13:35:18Z - IsHttpsDevelopmentCertificate: true - IsExportable: true 2) ECF836904FA576A3765F42D3E43B6FA9AF73B914 - CN=localhost - Valid from 2023-07-23 20:50:54Z to 2024-07-22 20:50:54Z - IsHttpsDevelopmentCertificate: true - IsExportable: true [3] Checking certificates validity [4] Valid certificates: 2 certificates 1) 8A29E32D03730B34A5C476AA01F36A769228667C - CN=localhost - Valid from 2023-08-20 13:35:18Z to 2024-08-19 13:35:18Z - IsHttpsDevelopmentCertificate: true - IsExportable: true 2) ECF836904FA576A3765F42D3E43B6FA9AF73B914 - CN=localhost - Valid from 2023-07-23 20:50:54Z to 2024-07-22 20:50:54Z - IsHttpsDevelopmentCertificate: true - IsExportable: true [5] Invalid certificates: no certificates [6] Finished listing certificates. [1] Listing certificates from CurrentUser\My [2] Found certificates: 2 certificates 1) 8A29E32D03730B34A5C476AA01F36A769228667C - CN=localhost - Valid from 2023-08-20 13:35:18Z to 2024-08-19 13:35:18Z - IsHttpsDevelopmentCertificate: true - IsExportable: true 2) ECF836904FA576A3765F42D3E43B6FA9AF73B914 - CN=localhost - Valid from 2023-07-23 20:50:54Z to 2024-07-22 20:50:54Z - IsHttpsDevelopmentCertificate: true - IsExportable: true [3] Checking certificates validity [4] Valid certificates: 2 certificates 1) 8A29E32D03730B34A5C476AA01F36A769228667C - CN=localhost - Valid from 2023-08-20 13:35:18Z to 2024-08-19 13:35:18Z - IsHttpsDevelopmentCertificate: true - IsExportable: true 2) ECF836904FA576A3765F42D3E43B6FA9AF73B914 - CN=localhost - Valid from 2023-07-23 20:50:54Z to 2024-07-22 20:50:54Z - IsHttpsDevelopmentCertificate: true - IsExportable: true [5] Invalid certificates: no certificates [6] Finished listing certificates. [1] Listing certificates from LocalMachine\My [2] Found certificates: no certificates [3] Checking certificates validity [4] Valid certificates: no certificates [5] Invalid certificates: no certificates [6] Finished listing certificates. [8] Filtered certificates: 2 certificates 1) 8A29E32D03730B34A5C476AA01F36A769228667C - CN=localhost - Valid from 2023-08-20 13:35:18Z to 2024-08-19 13:35:18Z - IsHttpsDevelopmentCertificate: true - IsExportable: true 2) ECF836904FA576A3765F42D3E43B6FA9AF73B914 - CN=localhost - Valid from 2023-07-23 20:50:54Z to 2024-07-22 20:50:54Z - IsHttpsDevelopmentCertificate: true - IsExportable: true [9] Excluded certificates: no certificates [14] Valid certificates: 2 certificates 1) 8A29E32D03730B34A5C476AA01F36A769228667C - CN=localhost - Valid from 2023-08-20 13:35:18Z to 2024-08-19 13:35:18Z - IsHttpsDevelopmentCertificate: true - IsExportable: true 2) ECF836904FA576A3765F42D3E43B6FA9AF73B914 - CN=localhost - Valid from 2023-07-23 20:50:54Z to 2024-07-22 20:50:54Z - IsHttpsDevelopmentCertificate: true - IsExportable: true [15] Selected certificate: ECF836904FA576A3765F42D3E43B6FA9AF73B914 - CN=localhost - Valid from 2023-07-23 20:50:54Z to 2024-07-22 20:50:54Z - IsHttpsDevelopmentCertificate: true - IsExportable: true [23] Saving certificate 'ECF836904FA576A3765F42D3E43B6FA9AF73B914 - CN=localhost - Valid from 2023-07-23 20:50:54Z to 2024-07-22 20:50:54Z - IsHttpsDevelopmentCertificate: true - IsExportable: true' to openiddict.pfx with private key. [27] Writing the certificate to: openiddict.pfx. A valid HTTPS certificate is already present. The certificate was exported to openiddict.pfx
In my local development machine, I am getting the same output as your response while running the command
but if I'm running same command on server, I'm getting this response
Hello,
please check similar issuehttps://support.abp.io/QA/Questions/7194/SaasServiceHttpApiHost-terminated-unexpectedly-Error#answer-3a128dcf-3401-6048-cc3c-9217fb0e882d https://support.abp.io/QA/Questions/4390/Getting-Error-While-Deploying-to-Azure--Please-Help if it helps you
thanks
Hi, as per the solution mentioned in the link, do I need to add some cert? When I was using Identity server at that time there was no cert, also I have 2 modes of login, DB mode and external login, there will be any difference of cert? in both mode I'm getting same error.
Hi, I have migrated Identity server to OpenIddict. It is working fine in local but after deployment, I'm getting below screen
And below is log file
2024-06-12 18:17:58.794 +08:00 [INF] Starting web host.
2024-06-12 18:18:10.941 +08:00 [FTL] Host terminated unexpectedly!
Volo.Abp.AbpInitializationException: An error occurred during ConfigureServices phase of the module Volo.Abp.OpenIddict.AbpOpenIddictAspNetCoreModule, Volo.Abp.OpenIddict.AspNetCore, Version=8.1.3.0, Culture=neutral, PublicKeyToken=null. See the inner exception for details.
---> System.Security.Cryptography.CryptographicException: The specified network password is not correct.
at System.Security.Cryptography.X509Certificates.CertificatePal.FilterPFXStore(ReadOnlySpan`1 rawData, SafePasswordHandle password, PfxCertStoreFlags pfxCertStoreFlags)
at System.Security.Cryptography.X509Certificates.CertificatePal.FromBlobOrFile(ReadOnlySpan`1 rawData, String fileName, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags)
at System.Security.Cryptography.X509Certificates.CertificatePal.FromBlob(ReadOnlySpan`1 rawData, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags)
at System.Security.Cryptography.X509Certificates.X509Certificate..ctor(Byte[] rawData, String password, X509KeyStorageFlags keyStorageFlags)
at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(Byte[] rawData, String password, X509KeyStorageFlags keyStorageFlags)
at Microsoft.Extensions.DependencyInjection.OpenIddictServerBuilder.AddDevelopmentEncryptionCertificate(X500DistinguishedName subject)
at Microsoft.Extensions.DependencyInjection.OpenIddictServerBuilder.AddDevelopmentEncryptionCertificate()
at Volo.Abp.OpenIddict.AbpOpenIddictAspNetCoreModule.<>c__DisplayClass1_0.<AddOpenIddictServer>b__0(OpenIddictServerBuilder builder)
at Microsoft.Extensions.DependencyInjection.OpenIddictServerExtensions.AddServer(OpenIddictBuilder builder, Action`1 configuration)
at Volo.Abp.OpenIddict.AbpOpenIddictAspNetCoreModule.AddOpenIddictServer(IServiceCollection services)
at Volo.Abp.OpenIddict.AbpOpenIddictAspNetCoreModule.ConfigureServices(ServiceConfigurationContext context)
at Volo.Abp.AbpApplicationBase.ConfigureServices()
--- End of inner exception stack trace ---
at Volo.Abp.AbpApplicationBase.ConfigureServices()
at Volo.Abp.AbpApplicationBase..ctor(Type startupModuleType, IServiceCollection services, Action`1 optionsAction)
at Volo.Abp.AbpApplicationWithExternalServiceProvider..ctor(Type startupModuleType, IServiceCollection services, Action`1 optionsAction)
at Volo.Abp.AbpApplicationFactory.Create(Type startupModuleType, IServiceCollection services, Action`1 optionsAction)
at Volo.Abp.AbpApplicationFactory.Create[TStartupModule](IServiceCollection services, Action`1 optionsAction)
at Microsoft.Extensions.DependencyInjection.ServiceCollectionApplicationExtensions.AddApplication[TStartupModule](IServiceCollection services, Action`1 optionsAction)
at eFC.Web.Startup.ConfigureServices(IServiceCollection services) in /agents/work/4/82/s/src/src/eFC.Web/Startup.cs:line 12
at System.RuntimeMethodHandle.InvokeMethod(Object target, Void** arguments, Signature sig, Boolean isConstructor)
at System.Reflection.MethodBaseInvoker.InterpretedInvoke_Method(Object obj, IntPtr* args)
at System.Reflection.MethodBaseInvoker.InvokeDirectByRefWithFewArgs(Object obj, Span`1 copyOfArgs, BindingFlags invokeAttr)
at System.Reflection.MethodBaseInvoker.InvokeWithOneArg(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
at Microsoft.AspNetCore.Hosting.MethodInfoExtensions.InvokeWithoutWrappingExceptions(MethodInfo methodInfo, Object obj, Object[] parameters)
at Microsoft.AspNetCore.Hosting.ConfigureServicesBuilder.InvokeCore(Object instance, IServiceCollection services)
at Microsoft.AspNetCore.Hosting.ConfigureServicesBuilder.<>c__DisplayClass9_0.<Invoke>g__Startup|0(IServiceCollection serviceCollection)
at Microsoft.AspNetCore.Hosting.ConfigureServicesBuilder.Invoke(Object instance, IServiceCollection services)
at Microsoft.AspNetCore.Hosting.ConfigureServicesBuilder.<>c__DisplayClass8_0.<Build>b__0(IServiceCollection services)
at Microsoft.AspNetCore.Hosting.GenericWebHostBuilder.UseStartup(Type startupType, HostBuilderContext context, IServiceCollection services, Object instance)
at Microsoft.AspNetCore.Hosting.GenericWebHostBuilder.<>c__DisplayClass7_0.<UseStartup>b__0(HostBuilderContext context, IServiceCollection services)
at Microsoft.Extensions.Hosting.HostBuilder.InitializeServiceProvider()
at Microsoft.Extensions.Hosting.HostBuilder.Build()
at eFC.Web.Program.Main(String[] args) in /agents/work/4/82/s/src/src/eFC.Web/Program.cs:line 36
Can you please help if there is anything missed.
ABP Framework version: v8.1.1
UI Type:React
Database System: EF Core (SQL Server)
Tiered (for MVC) or Auth Server Separated (for Angular): yes
Exception message and full stack trace:NA
Steps to reproduce the issue: Migration from Identity server to OpenIddict
SixLabors.ImageSharp.Drawing
sure, thank you.
hi
. Could you please upgrade this with latest stable version.
No problem. Thanks for your feedback
We have upgraded this package in 8.3
Hi, thank you for your quick response, how soon it will be updated? I'm not able to deploy my application due to this.
Hi, in my application I'm using package Volo.Abp.Account.Pro.Public.Application/8.1.3 and this package have dependency "Volo.Abp.Imaging.ImageSharp": "8.1.3", and if I check the dependency of Volo.Abp.Imaging.ImageSharp": "8.1.3, it consist "SixLabors.ImageSharp": "3.0.2", (sharing screenshot for reference). SixLabors.ImageSharp's 3.0.2 version is vulnerable which is why it is not allowed to deploy in my organization. Could you please upgrade this with latest stable version. ABP Framework version: v8.1.1
UI Type:React
Database System: EF Core (SQL Server)
Tiered (for MVC) or Auth Server Separated (for Angular): yes
Exception message and full stack trace:NA
Steps to reproduce the issue: NA
Hi,
Yes, you don't need it. we refactored the new claims contributor system
Hi, thank you for the above links, I'm able to add custom claims now.
Hi,
You need to add the claims manually.
https://docs.abp.io/en/abp/latest/Modules/OpenIddict#updating-claims-in-access_token-and-id_token https://docs.abp.io/en/abp/latest/Authorization#claims-principal-factory
Hi, right now I'm using below class for claim public class myAppUserClaimFactory : UserClaimsPrincipalFactory<Volo.Abp.Identity.IdentityUser, Volo.Abp.Identity.IdentityRole>, ITransientDependency,
Is it not required now?
Hi,
You need to add a scope for each
Hi, as suggested I have inserted data in OpenIddictScopes but earlier when I was using IdentityServerIdentity this was the data in my auth variable
"token_type":"Bearer","scope":"openid offline_access","profile":{"s_hash":"DS82_CYQtxmPC76J8Yjz_w","sid":"FFCD5C72C428640804F41F72DAFC8059","sub":"8405d374-ec46-1ed7-bc4d-3a04e58abcde","auth_time":1717402623,"idp":"local","preferred_username":"admin","given_name":"admin","amr":["pwd"]},"expires_at":1748939693
Now, I'm getting this in my auth variable "token_type":"Bearer","scope":"openid offline_access","profile":{"sub":"8405d374-ec46-1ed7-bc4d-3a04e58abcde","oi_au_id":"85c661bd-a8e3-f572-3657-3a12880f1aa6","azp":"eFC_App","oi_tkn_id":"6884f2bd-465d-19bb-d606-3a12ef7a0f53"},"expires_at":1717408376}
Is there any other change required to get all properties? I want to get preferred_username, given_name, auth_time etc. in Profile.