Activities of "agilmore"

Ok.

That fixed this issue:

But then, after being redirected to the login screen and signing in, I get redirected to the swagger page:

Choose to verify your email address on "Personal Info" screen.

Click on "Confirm my email address" in "Email Confirmation" email.

No webpage was found for the web address: https://localhost:44322/account/email-confirmation?userId=1d5964fd-4cbb-11ae-9f7e-39fdf8e2bf0c&__tenant=&confirmationToken=CfDJ8GiBbaXh295E....

appsettings.json in HttpApi.Host project:

"App": { "SelfUrl": "https://localhost:44322", "AngularUrl": "http://localhost:4200", "CorsOrigins": "https://*.App.com,https://localhost:44307", "RedirectAllowedUrls": "http://localhost:4200,https://localhost:44307" },

ConfigureUrls in AppHttpApiHostModule:

    private void ConfigureUrls(IConfiguration configuration)
    {
        Configure<AppUrlOptions>(options =>
        {
            options.Applications["MVC"].RootUrl = configuration["App:SelfUrl"];
            options.Applications["MVC"].Urls[AccountUrlNames.PasswordReset] = "account/reset-password";
            options.Applications["MVC"].Urls[AccountUrlNames.EmailConfirmation] = "account/email-confirmation";
            options.Applications["Angular"].RootUrl = configuration["App:AngularUrl"];
            options.Applications["Angular"].Urls[AccountUrlNames.PasswordReset] = "account/reset-password";
            options.Applications["Angular"].Urls[AccountUrlNames.EmailConfirmation] = "account/email-confirmation";
            options.RedirectAllowedUrls.AddRange(configuration["App:RedirectAllowedUrls"].Split(','));
        });
    }

I added

            options.Applications["MVC"].Urls[AccountUrlNames.PasswordReset] = "account/reset-password";
            options.Applications["MVC"].Urls[AccountUrlNames.EmailConfirmation] = "account/email-confirmation";

Thanks for that.

So... to implement the subdomain tenant resolver, you need to modify the IdentityServer module configuration delivered with the product. The documentation points to the example you gave, but its only for MVC, and gives absolutely no indication of what code has changed from the original implementation. This makes it nearly useless.

This documentation: https://docs.abp.io/en/abp/5.2/Multi-Tenancy#domain-subdomain-tenant-resolver gives the impression that all that needs to change is to drop that simple code into the configuration of the host module. It's deceptive. I've seen several questions about this on this forum. You would save yourselves and others lots of time if you simply completed the documentation detailing all the places code needs to change to implement subdomain tenancy resolution.

test1 is the name of a tenant. I'm using subdomain tenant resolver. So there could be 1000 different tenants with different names, with subdomain names <tenantName>.test.mydomain.com. That is the point of the subdomain tenant resolver.

abp.io is supposed to support a subdomain per tenant. How do I configure to support that?

Here is the relevant log from the Host application. The key piece of information is: Error":"invalid_request","ErrorDescription":"Invalid redirect_uri","Category":"Token","Name":"Token Issued

2022-05-18 01:01:27.848 +00:00 [INF] Request starting HTTP/1.1 GET https://testschemasighthost.azurewebsites.net/connect/authorize?client_id=App_Blazor&redirect_uri=https%3A%2F%2Ftest1.test.schemasight.com%2Fauthentication%2Flogin-callback&response_type=code&scope=openid%20profile%20App%20role%20email%20phone&state=1da588d11341487a94642d2bed6eab20&code_challenge=qmShTV7mfnSJPcgJKR1_0TArv9iuI7B8lrzoPIp7-oI&code_challenge_method=S256&prompt=none&response_mode=query - - 2022-05-18 01:01:27.868 +00:00 [INF] Invoking IdentityServer endpoint: IdentityServer4.Endpoints.AuthorizeEndpoint for /connect/authorize 2022-05-18 01:01:27.895 +00:00 [ERR] Invalid redirect_uri: https://test1.test.schemasight.com/authentication/login-callback {"ClientId":"App_Blazor","ClientName":"App_Blazor","RedirectUri":null,"AllowedRedirectUris":["https://test.schemasight.com/authentication/login-callback"],"SubjectId":"a747cd62-452b-4a15-a5ef-3a03aaaf684a","ResponseType":null,"ResponseMode":null,"GrantType":null,"RequestedScopes":"","State":null,"UiLocales":null,"Nonce":null,"AuthenticationContextReferenceClasses":null,"DisplayMode":null,"PromptMode":"","MaxAge":null,"LoginHint":null,"SessionId":null,"Raw":{"client_id":"App_Blazor","redirect_uri":"https://test1.test.schemasight.com/authentication/login-callback","response_type":"code","scope":"openid profile App role email phone","state":"1da588d11341487a94642d2bed6eab20","code_challenge":"qmShTV7mfnSJPcgJKR1_0TArv9iuI7B8lrzoPIp7-oI","code_challenge_method":"S256","prompt":"none","response_mode":"query"},"$type":"AuthorizeRequestValidationLog"} 2022-05-18 01:01:27.895 +00:00 [ERR] Request validation failed 2022-05-18 01:01:27.895 +00:00 [INF] {"ClientId":"App_Blazor","ClientName":"App_Blazor","RedirectUri":null,"AllowedRedirectUris":["https://test.schemasight.com/authentication/login-callback"],"SubjectId":"a747cd62-452b-4a15-a5ef-3a03aaaf684a","ResponseType":null,"ResponseMode":null,"GrantType":null,"RequestedScopes":"","State":null,"UiLocales":null,"Nonce":null,"AuthenticationContextReferenceClasses":null,"DisplayMode":null,"PromptMode":"","MaxAge":null,"LoginHint":null,"SessionId":null,"Raw":{"client_id":"App_Blazor","redirect_uri":"https://test1.test.schemasight.com/authentication/login-callback","response_type":"code","scope":"openid profile App role email phone","state":"1da588d11341487a94642d2bed6eab20","code_challenge":"qmShTV7mfnSJPcgJKR1_0TArv9iuI7B8lrzoPIp7-oI","code_challenge_method":"S256","prompt":"none","response_mode":"query"},"$type":"AuthorizeRequestValidationLog"} 2022-05-18 01:01:27.896 +00:00 [INF] {"ClientId":"App_Blazor","ClientName":"App_Blazor","RedirectUri":null,"Endpoint":"Authorize","SubjectId":"a747cd62-452b-4a15-a5ef-3a03aaaf684a","Scopes":"","GrantType":null,"Error":"invalid_request","ErrorDescription":"Invalid redirect_uri","Category":"Token","Name":"Token Issued Failure","EventType":"Failure","Id":2001,"Message":null,"ActivityId":"80000037-0000-eb00-b63f-84710c7967bb","TimeStamp":"2022-05-18T01:01:27.0000000Z","ProcessId":1456,"LocalIpAddress":"10.11.0.196:443","RemoteIpAddress":"49.191.30.55","$type":"TokenIssuedFailureEvent"} 2022-05-18 01:01:27.897 +00:00 [INF] Request finished HTTP/1.1 GET https://testschemasighthost.azurewebsites.net/connect/authorize?client_id=App_Blazor&redirect_uri=https%3A%2F%2Ftest1.test.schemasight.com%2Fauthentication%2Flogin-callback&response_type=code&scope=openid%20profile%20App%20role%20email%20phone&state=1da588d11341487a94642d2bed6eab20&code_challenge=qmShTV7mfnSJPcgJKR1_0TArv9iuI7B8lrzoPIp7-oI&code_challenge_method=S256&prompt=none&response_mode=query - - - 302 - - 48.3418ms 2022-05-18 01:01:27.958 +00:00 [INF] Request starting HTTP/1.1 GET https://testschemasighthost.azurewebsites.net/Account/Error?errorId=CfDJ8A81w2ldNe9HkjgrAVgXeu2KSVwnb2qRNv8Q7cucfA9K5sGzzdnJcqcCwghB2LY0XRj6SvbcTAw-yBmMdeoMLE5Jp4EDCQyvou9drwxJnN8auNRbcKWZE4IUs5OQ9j9yfJp-JRD5oWywlC_T0JHy72pnJBD_tF_R9_aSDmMHH1rd-WN9t0Yps9UT4jSfv5g6BaDdhG4hfarMTw-Yyn3QyiwWjyCS-fnnhNTyYvkc81Y4HsaV4n4YJESuht8NxnE2BM3OXvJiKe7hxDwi96kf6ZD29bKu0PGvoSTruCAtN_BrBTAgBV6tg49H3mpiZkndvFgZ6SVbc6fWYlpUEDVsbhCsBhxru4q_14WAgjMIepYf - - 2022-05-18 01:01:27.970 +00:00 [INF] Executing endpoint 'Volo.Abp.Account.Web.Areas.Account.Controllers.ErrorController.Index (Volo.Abp.Account.Pro.Public.Web.IdentityServer)' 2022-05-18 01:01:27.974 +00:00 [INF] Route matched with {area = "account", action = "Index", controller = "Error", page = ""}. Executing controller action with signature System.Threading.Tasks.Task`1[Microsoft.AspNetCore.Mvc.IActionResult] Index(System.String) on controller Volo.Abp.Account.Web.Areas.Account.Controllers.ErrorController (Volo.Abp.Account.Pro.Public.Web.IdentityServer). 2022-05-18 01:01:27.980 +00:00 [INF] Executing action method Volo.Abp.Account.Web.Areas.Account.Controllers.ErrorController.Index (Volo.Abp.Account.Pro.Public.Web.IdentityServer) - Validation state: "Valid" 2022-05-18 01:01:27.980 +00:00 [INF] Executed action method Volo.Abp.Account.Web.Areas.Account.Controllers.ErrorController.Index (Volo.Abp.Account.Pro.Public.Web.IdentityServer), returned result Microsoft.AspNetCore.Mvc.ViewResult in 0.3649ms. 2022-05-18 01:01:27.980 +00:00 [INF] Executing ViewResult, running view ~/Views/Error/500.cshtml. 2022-05-18 01:01:28.060 +00:00 [INF] Executed ViewResult - view ~/Views/Error/500.cshtml executed in 79.2701ms. 2022-05-18 01:01:28.060 +00:00 [INF] Executed action Volo.Abp.Account.Web.Areas.Account.Controllers.ErrorController.Index (Volo.Abp.Account.Pro.Public.Web.IdentityServer) in 85.3887ms 2022-05-18 01:01:28.060 +00:00 [INF] Executed endpoint 'Volo.Abp.Account.Web.Areas.Account.Controllers.ErrorController.Index (Volo.Abp.Account.Pro.Public.Web.IdentityServer)' 2022-05-18 01:01:28.066 +00:00 [INF] Request finished HTTP/1.1 GET https://testschemasighthost.azurewebsites.net/Account/Error?errorId=CfDJ8A81w2ldNe9HkjgrAVgXeu2KSVwnb2qRNv8Q7cucfA9K5sGzzdnJcqcCwghB2LY0XRj6SvbcTAw-yBmMdeoMLE5Jp4EDCQyvou9drwxJnN8auNRbcKWZE4IUs5OQ9j9yfJp-JRD5oWywlC_T0JHy72pnJBD_tF_R9_aSDmMHH1rd-WN9t0Yps9UT4jSfv5g6BaDdhG4hfarMTw-Yyn3QyiwWjyCS-fnnhNTyYvkc81Y4HsaV4n4YJESuht8NxnE2BM3OXvJiKe7hxDwi96kf6ZD29bKu0PGvoSTruCAtN_BrBTAgBV6tg49H3mpiZkndvFgZ6SVbc6fWYlpUEDVsbhCsBhxru4q_14WAgjMIepYf - - - 200 - text/html;+charset=utf-8 107.7556ms

  • ABP Framework version: v5.2.0
  • UI type: Blazor
  • DB provider: EF Core
  • Tiered (MVC) or Identity Server Separated (Angular): no
  • Exception message and stack trace: 500 internal server error INVALID_REQUEST response.
  • Steps to reproduce the issue:"

I'm trying to set up subdomain login for tenants. I have the following set up:

Blazor Project

Blazor Client running in an Azure Web app service. With the following configuration:

{ "App": { "SelfUrl": "https://test.mydomain.com" }, "AuthServer": { "Authority": "https://testmydomainhost.azurewebsites.net", "ClientId": "App_Blazor", "ResponseType": "code" }, "RemoteServices": { "Default": { "BaseUrl": "https://testmydomain.azurewebsites.net" } } ...... }

All certificates and DNS has been set up correctly for test.mydomain.com and *.test.mydomain.com

Host Project

The Host project is running in a seperate Azure App service.

The Host project ...HttpApi.Host has been modified like this:

At the end of the ConfigureServices method of the ...HttpApiHostModule class I've added:

        Configure&lt;AbpTenantResolveOptions&gt;(options =>
        {
            options.AddDomainTenantResolver("{0}.test.mydomain.com");
        });

In the appsettings for the HttpApi.Host project I have:

{ "App": { "SelfUrl": "https://testmydomainhost.azurewebsites.net", "AngularUrl": "https://testmydomainhost.azurewebsites.net:4200", "CorsOrigins": "https://.testmydomainblazor.azurewebsites.net,https://testmydomainblazor.azurewebsites.net,https://test.mydomain.com, https://.test.mydomain.com", "RedirectAllowedUrls": "https://testmydomainhost.azurewebsites.net:4200,https://testmydomainhost.azurewebsites.net,https://.testmydomainblazor.azurewebsites.net,https://testmydomainblazor.azurewebsites.net,https://test.mydomain.com, https://.test.mydomain.com" }, ....

"AuthServer": { "Authority": "https://testmydomainhost.azurewebsites.net", "RequireHttpsMetadata": "false", "SwaggerClientId": "App_Swagger", "SwaggerClientSecret": "...." }

.... }

Identity Server

In Identity Server I have these settings:

IdentityServerClients table:

Id ClientId 9F9E6713-3B8F-6F35-2A69-3A03AAAFAA28 App_Web_Public F372EC2E-2B89-0BF4-C9CC-3A03AAAFAB3D App_App 5A38608A-25E1-03D7-76E3-3A03AAAFABE8 App_Blazor 70C8527D-01EA-2F4B-D58F-3A03AAAFAD68 App_Swagger 10C10C0A-72F4-D0F4-FB1C-3A03DEB6C72E APP_Wildcard

IdentityServerClientCorsOrigins table:

ClientId Origin F372EC2E-2B89-0BF4-C9CC-3A03AAAFAB3D http://localhost:4200 5A38608A-25E1-03D7-76E3-3A03AAAFABE8 https://test.mydomain.com 70C8527D-01EA-2F4B-D58F-3A03AAAFAD68 https://testmydomainhost.azurewebsites.net 10C10C0A-72F4-D0F4-FB1C-3A03DEB6C72E https://*.test.mydomain.com

IdentityServerClientRedirectUris table:

ClientId RedirectUri 9F9E6713-3B8F-6F35-2A69-3A03AAAFAA28 https://localhost:44304/signin-oidc F372EC2E-2B89-0BF4-C9CC-3A03AAAFAB3D http://localhost:4200 5A38608A-25E1-03D7-76E3-3A03AAAFABE8 https://test.mydomain.com/authentication/login-callback 70C8527D-01EA-2F4B-D58F-3A03AAAFAD68 https://testmydomainhost.azurewebsites.net/swagger/oauth2-redirect.html 10C10C0A-72F4-D0F4-FB1C-3A03DEB6C72E https://*.test.mydomain.com/authentication/login-callback

I've tried lots of different combinations of urls, and can't get anything to work. I understand that this last configuration with App_Wilcard client is not having any impact because the Blazor app is using the App_Blazor clientId.

Now this is what is happening:

If I use test.mydomain.com, everything works fine.

I added a new client tenant with the name Test1. If I navigate to test1.test.mydomain.com, the site appears correctly, but when I try to login, I get the 500 internal server error INVALID_REQUEST response.

Can you please tell me what combination of Identity Server Urls or other configuration I would need to use to get subdomain authentication working. I've tried everything I can think of.

Answer

Here is the content of my yarn.lock file, where source-map appears.

...

convert-source-map@^1.5.0: version "1.6.0" resolved "https://registry.yarnpkg.com/convert-source-map/-/convert-source-map-1.6.0.tgz#51b537a8c43e0f04dec1993bffcdd504e758ac20" integrity sha512-eFu7XigvxdZ1ETfbgPBohgyQ/Z++C0eEhTor0qRwBw9unw+L0/6V8wkSuGgzdThkiS5lSpdptOQPD8Ak40a+7A== dependencies: safe-buffer "~5.1.1"

....

snapdragon@^0.8.1: version "0.8.2" resolved "https://registry.yarnpkg.com/snapdragon/-/snapdragon-0.8.2.tgz#64922e7c565b0e14204ba1aa7d6964278d25182d" dependencies: base "^0.11.1" debug "^2.2.0" define-property "^0.2.5" extend-shallow "^2.0.1" map-cache "^0.2.2" source-map "^0.5.6" source-map-resolve "^0.5.0" use "^3.1.0"

...

source-map-resolve@^0.5.0: version "0.5.1" resolved "https://registry.yarnpkg.com/source-map-resolve/-/source-map-resolve-0.5.1.tgz#7ad0f593f2281598e854df80f19aae4b92d7a11a" dependencies: atob "^2.0.0" decode-uri-component "^0.2.0" resolve-url "^0.2.1" source-map-url "^0.4.0" urix "^0.1.0"

source-map-url@^0.4.0: version "0.4.0" resolved "https://registry.yarnpkg.com/source-map-url/-/source-map-url-0.4.0.tgz#3e935d7ddd73631b97659956d55128e87b5084a3"

source-map@^0.5.6: version "0.5.7" resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.5.7.tgz#8a039d2d1021d22d1ea14c80d8ea468ba2ef3fcc"

....

vinyl-fs@^3.0.0: version "3.0.3" resolved "https://registry.yarnpkg.com/vinyl-fs/-/vinyl-fs-3.0.3.tgz#c85849405f67428feabbbd5c5dbdd64f47d31bc7" integrity sha512-vIu34EkyNyJxmP0jscNzWBSygh7VWhqun6RmqVfXePrOwi9lhvRs//dOaGOTRUQr4tx7/zd26Tk5WeSVZitgng== dependencies: fs-mkdirp-stream "^1.0.0" glob-stream "^6.1.0" graceful-fs "^4.0.0" is-valid-glob "^1.0.0" lazystream "^1.0.0" lead "^1.0.0" object.assign "^4.0.4" pumpify "^1.3.5" readable-stream "^2.3.3" remove-bom-buffer "^3.0.0" remove-bom-stream "^1.2.0" resolve-options "^1.1.0" through2 "^2.0.0" to-through "^2.0.0" value-or-function "^3.0.0" vinyl "^2.0.0" vinyl-sourcemap "^1.1.0"

vinyl-sourcemap@^1.1.0: version "1.1.0" resolved "https://registry.yarnpkg.com/vinyl-sourcemap/-/vinyl-sourcemap-1.1.0.tgz#92a800593a38703a8cdb11d8b300ad4be63b3e16" integrity sha1-kqgAWTo4cDqM2xHYswCtS+Y7PhY= dependencies: append-buffer "^1.0.2" convert-source-map "^1.5.0" graceful-fs "^4.1.6" normalize-path "^2.1.1" now-and-later "^2.0.0" remove-bom-buffer "^3.0.0" vinyl "^2.0.0"

vinyl@^2.0.0: version "2.2.0" resolved "https://registry.yarnpkg.com/vinyl/-/vinyl-2.2.0.tgz#d85b07da96e458d25b2ffe19fece9f2caa13ed86" integrity sha512-MBH+yP0kC/GQ5GwBqrTPTzEfiiLjta7hTtvQtbxBgTeSXsmKQRQecjibMbxIXzVT3Y9KJK+drOz1/k+vsu8Nkg== dependencies: clone "^2.1.1" clone-buffer "^1.0.0" clone-stats "^1.0.0" cloneable-readable "^1.0.0" remove-trailing-separator "^1.0.1" replace-ext "^1.0.0" ....

Question
  • ABP Framework version: v5.1.4
  • UI type: Blazor
  • DB provider: EF Core
  • Tiered (MVC) or Identity Server Separated (Angular): no
  • Exception message and stack trace:

Severity Code Description Project File Line Suppression State Error TS6053 File 'C:/Users/agilm/Documents/Repos/Datansa.App/src/Datansa.App.HttpApi.Host/node_modules/source-map/source-map' not found. The file is in the program because: Root file specified for compilation Datansa.App.HttpApi.Host JavaScript Content Files 1 Active

  • Steps to reproduce the issue:" Build Solution

After upgrading from 5.0.1 to 5.1.4, I now get the above error when building.

I've tried abp install-libs , then yarn + abp install-libs in the Datansa.App.HttpApi.Host project. However, this didn't fix the issue.

I've also tried the fix described in this - https://github.com/mozilla/source-map/issues/449

npm ls source-map returns:

C:\Users\agilm\Documents\Repos\Datansa.App\src\Datansa.App.HttpApi.Host>npm ls source-map my-app@1.0.0 C:\Users\agilm\Documents\Repos\Datansa.App\src\Datansa.App.HttpApi.Host -- @volo/abp.aspnetcore.mvc.ui.theme.lepton@5.1.4 -- @volo/abp.aspnetcore.mvc.ui.theme.commercial@5.1.4 -- @abp/aspnetcore.mvc.ui.theme.shared@5.1.4 -- @abp/aspnetcore.mvc.ui@5.1.4 -- gulp@4.0.2 -- glob-watcher@5.0.3 -- anymatch@2.0.0 -- micromatch@3.1.10 -- snapdragon@0.8.2 -- source-map@0.5.7

Hi. I had already run yarn. Running abp install-libs fixed the issue.

I've followed the migration documentation and it doesn't say anywhere to run this. Is it in the documentation anywhere?

Or was there some failure in my upgrade process?

Thanks - Adam

{ "version": "1.0.0", "name": "my-app", "private": true, "dependencies": { "@volo/abp.aspnetcore.mvc.ui.theme.lepton": "~5.0.1", "@volo/account": "~5.0.1" } }

Showing 1 to 10 of 26 entries
Made with ❤️ on ABP v9.1.0-preview. Updated on December 13, 2024, 06:09