Activities of "alin.berce"

Hi,

Can Sql server cache be used instead of redis is the database is also on Sql server? Any drawbacks? Any advices on how to implement Sql server caching?

Thank you for your time.

I have two questions that I'd like some clarification.

1. When using the default template (not tiered) but with a public web site, how can I disable Redis? What is the impact of not having Redis for small projects in this case?

2. As stated here on abp support and in the link provided https://documentation.openiddict.com/configuration/encryption-and-signing-credentials.html the requirement for production is to generate and register certificates. While the certificates can be pretty easily added on Azure, what happens when the apps are hosted on IIS? There it says that it recommends to store the certificate on the machine's store however, not all hosting services provide this kind of access or option to do this. Is there a simpler way to have the openIdDict working without these certificates? Previously when using IdentityServer things were simpler.

If you're creating a bug/problem report, please include followings:

• ABP Framework version: v7.0.3
• UI type: MVC
• DB provider: EF Core
• Tiered (MVC) or Identity Server Separated (Angular): no

Hello,

Either documentation is missing something or there's a bug or I'm not seeing something obvious. Here are the steps:

• add a new project using the latest abp 7.0.3 with Public web site

• either by using abp suite or by running abp add-module Volo.Payment add the payment module.

• this will add various packages and dependencies based on project

• I want to use this on Public site with Stripe (but it also doesn't work on Web) so because of this I add the packages in the project file

  <PackageReference Include="Volo.Payment.Admin.Web" Version="7.0.3" /> <PackageReference Include="Volo.Payment.Stripe.Web" Version="7.0.3" /> <PackageReference Include="Volo.Payment.Web" Version="7.0.3" />

and on WebPublicModule.cs

[DependsOn(typeof(AbpPaymentWebModule))]
[DependsOn(typeof(AbpPaymentStripeWebModule))]
[DependsOn(typeof(AbpPaymentAdminWebModule))]

also add url configs

  Configure<PaymentWebOptions>(options =>
        {
            options.RootUrl = configuration["App:SelfUrl"];
            options.CallbackUrl = configuration["App:SelfUrl"] + "/Paid";
        });

• looking at docs, for predefined gateways, there is no need to configure PaymentOptions
• in appsettings.json add

{
  "App": {...},
  "Redis": {...},
  "ConnectionStrings": {...},
  "AuthServer": {...},
  "Payment": {
    "Stripe": {
      "PublishableKey": "publishable_key",
      "SecretKey": "secret_key",
      "PaymentMethodTypes": [ "card" ]
    }
  }
}

• start a payment from razor main index model

public async Task<IActionResult> OnGetAsync()
    {
        var paymentRequest = await paymentRequestAppService.CreateAsync(new PaymentRequestCreateDto()
        {
            Currency = "USD",
            Products = new List<PaymentRequestProductCreateDto>()
            {
                new PaymentRequestProductCreateDto
                {
                    Code = "Product_code",
                    Name = "Product name",
                    Count =1,
                    UnitPrice = 20,
                    TotalPrice = 20
                }
            }
        });

        return LocalRedirectPreserveMethod("/Payment/GatewaySelection?paymentRequestId=" + paymentRequest.Id);
    }

• login with admin and run locally

Now the effects:

• /Payment/GatewaySelection returns code 400. If I look at logs I can see that:

Request starting HTTP/2 GET https://localhost:44374/Payment/GatewaySelection?paymentRequestId=a246857e-af5f-012d-0eee-3a09ec82cd86 - -
[11:41:08 DBG] Added 0 entity changes to the current audit log
[11:41:08 DBG] Added 0 entity changes to the current audit log
[11:41:08 DBG] Added 0 entity changes to the current audit log
[11:41:08 INF] Executing endpoint '/Payment/GatewaySelection'
[11:41:08 INF] Route matched with {page = "/Payment/GatewaySelection", action = "", controller = "", area = ""}. Executing page /Payment/GatewaySelection
[11:41:08 INF] Skipping the execution of current filter as its not the most effective filter implementing the policy Microsoft.AspNetCore.Mvc.ViewFeatures.IAntiforgeryPolicy
[11:41:08 INF] Executing handler method Volo.Payment.Pages.Payment.GatewaySelectionModel.OnGet - ModelState is Valid
[11:41:08 INF] Executed handler method OnGet, returned result Microsoft.AspNetCore.Mvc.BadRequestResult.
[11:41:08 INF] Executing StatusCodeResult, setting HTTP status code 400
[11:41:08 INF] Executed page /Payment/GatewaySelection in 2.4219ms
[11:41:08 INF] Executed endpoint '/Payment/GatewaySelection'
[11:41:08 INF] Request finished HTTP/2 GET https://localhost:44374/Payment/GatewaySelection?paymentRequestId=a246857e-af5f-012d-0eee-3a09ec82cd86 - - - 400 0 - 47.9921ms

• going to /Payment/Requests I can see the payment request created with Wait state

I've tried a bunch of configs and all that I could see in docs and around support answered questions. Basically the gateways pages are not available. Seems like it's missing some configuration? What could cause that BadRequestResult in GatewaySelectionModel.OnGet?

Please advise. Thank you.

• ABP Framework version: v6
• UI type: MVC
• DB provider: EF Core
• Tiered (MVC) or Identity Server Separated (Angular): no

I'll do my best to explain the situation:

• apb app using openiddict
• the app has been published on azure
• in order to publis the app, two certificates have been generated, one for encryption and one for signing. These certificates were added on PreConfigure<OpenIddictServerBuilder>. These certificates are added on azure
• have the maui app, migrated to .net 7, connect in two ways: by doing a normal httpClient.PostAsync and by calling an injected app service

Result:

• when running the android app on devices with android 10,11,13 -> everything works as expected
• where running the android app on emulators with android 7,8 -> it doesn't work. Here are the exceptions:

The SSL connection could not be established, see inner exception

digging deeper into the inner exception I get:

System.Security.Authentication.AuthenticationException: Authentication failed, see inner exception

digging deeper into the inner exception again I get:

Interiop+AndroidCrypto+SslException: Exception of type Interiop+AndroidCrypto+SslException was thrown and this happens at System.Net.Security.SslStream<ForceAuthenticationAsync>

Why does it work on some android versions and not on others? Does it have something to do with the genereated self signed certificates? How can I make it work? Thank you for your time

• ABP Framework version: v7.0.1
• UI type: MVC
• DB provider: EF Core
• Tiered (MVC) or Identity Server Separated (Angular):no
• Exception message and stack trace:
• Steps to reproduce the issue:"

Here is my scenario:

• app has a public web site generated by abp suite, roles and permissions are seeded
• a new user goes to public web site
• user goes to log in. Since it is a new user, it goes through registration
• after registration when user is redirected to public web site index page. I check if the user has any role (CurrentUser.Roles.Length). Since the user is new, there are no roles so I redirect to a new page from public where he picks a role. After the user picks a role, he is being added to the role by using IdentityUserManager.AddToRoleAsync(). Everything is working without error and the role grant is visible in the database.

Now the problem:

• the user has registed and is logged in, it has been added to a role, but it seems that the current token and claims do not know about the role. Calling an app service that requires permission will throw authorization fail error. CurrentUser.Roles is empty. Manually logging off and the log in with the user makes it work, CurrentUser.Roles is filled and the authorized error goes away.

What I have tried:

• after adding the user to the role, I call for a page on Web (so not on public) which has access to SignInManager<IdentityUser> which does a RefreshSignInAsync(). After doing this call and refreshing the page, the CurrentUser.Roles gets filled. This works on Web, however the token on the Public web remains the same.

Questions:

• what do I need to do in order to have the user be able to access all the permissions granted by the role it has? How to refresh the public web site token?
• is there a better recommended way to achieve programmatically role assignment without the user need to relogin?

Thank you for your time.