No, not on my computer. But a coworker got that error. When I tried it in my computer I get the Content-Security-Policy error.
There is only one backend. I didn't split AuthServer. I removed it from Http.Host module.
I tried removing app.UseAbpSecurityHeaders();
I also tried adding the following in ConfigureServices :
Configure<AbpSecurityHeadersOptions>(options =>
{
options.UseContentSecurityPolicyHeader = true;
options.ContentSecurityPolicyValue = "default-src 'self'; img-src 'self' data:;";
});
Neither worked.
Hi,
We created a new project. We didn't make any changes.
Angular client returns "Cannot GET /"
In console we get the following error :
Content-Security-Policy: The page’s settings blocked the loading of a resource (img-src) at http://localhost:4200/favicon.ico because it violates the following directive: “default-src 'none'”
Thanks,
Hello,
I am trying to add extra fields to IdentityUser with ModuleExtensionConfiguration. I succesfully added a Guid,string and an Enum Type. But the DateTime field I added does not appear on the add user modal. The label of the field is visible but input is not.
ObjectExtensionManager.Instance.Modules()
.ConfigureIdentity(identity =>
{
identity.ConfigureUser(user =>
{
user.AddOrUpdateProperty<Guid>( //property type: string
"CompanyId", //property name
property =>
{
//validation rules
property.UI.Lookup.Url = "/api/app/my-companies";
property.UI.Lookup.DisplayPropertyName = "name";
property.UI.Lookup.ValuePropertyName = "id";
//...other configurations for this property
}
);
user.AddOrUpdateProperty<string>( //property type: string
"TcNo", //property name
property =>
{
property.Validators.Add(context =>
{
var socialSecurityNumber = context.Value as string;
if (!socialSecurityNumber.IsNullOrEmpty() && !ValidateTc(socialSecurityNumber))
{
context.ValidationErrors.Add(
new ValidationResult(
"Geçersiz Tc Kimlik: " + socialSecurityNumber,
new[] { "SocialSecurityNumber" }
)
);
}
});
}
);
user.AddOrUpdateProperty<UserType>("UserType");
user.AddOrUpdateProperty<DateTime>("BirthDate");
});
});
user.AddOrUpdateProperty<UserType>("UserType"); user.AddOrUpdateProperty<DateTime>("BirthDate");
Thanks, Can Ercan
Hi
With the new version 4.4.3 when i create a new tenant with seperated db database is created but tables are not created. Only EFMigrationsHistory table is created. In the previous version when tenant is created the same way database is created with tables without a problem. The project is newly created and only 1 entity added from abp suite. I reproduced the problem several times.
When i update database from admin tenant page i got the following error:
2021-10-08 13:46:18.186 +03:00 [ERR] Invalid object name 'AbpUsers'.
Microsoft.Data.SqlClient.SqlException (0x80131904): Invalid object name 'AbpUsers'.
at Microsoft.Data.SqlClient.SqlCommand.<>c.<ExecuteDbDataReaderAsync>b__169_0(Task1 result) at System.Threading.Tasks.ContinuationResultTaskFromResultTask2.InnerInvoke()
at System.Threading.Tasks.Task.<>c.<.cctor>b__277_0(Object obj)
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state)
--- End of stack trace from previous location ---
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Threading.Tasks.Task.ExecuteWithThreadLocal(Task& currentTaskSlot, Thread threadPoolThread)
--- End of stack trace from previous location ---
at Microsoft.EntityFrameworkCore.Storage.RelationalCommand.ExecuteReaderAsync(RelationalCommandParameterObject parameterObject, CancellationToken cancellationToken)
at Microsoft.EntityFrameworkCore.Storage.RelationalCommand.ExecuteReaderAsync(RelationalCommandParameterObject parameterObject, CancellationToken cancellationToken)
at Microsoft.EntityFrameworkCore.Query.Internal.SplitQueryingEnumerable1.AsyncEnumerator.InitializeReaderAsync(DbContext _, Boolean result, CancellationToken cancellationToken) at Microsoft.EntityFrameworkCore.SqlServer.Storage.Internal.SqlServerExecutionStrategy.ExecuteAsync[TState,TResult](TState state, Func4 operation, Func4 verifySucceeded, CancellationToken cancellationToken) at Microsoft.EntityFrameworkCore.Query.Internal.SplitQueryingEnumerable1.AsyncEnumerator.MoveNextAsync()
at Microsoft.EntityFrameworkCore.Query.ShapedQueryCompilingExpressionVisitor.SingleOrDefaultAsync[TSource](IAsyncEnumerable1 asyncEnumerable, CancellationToken cancellationToken) at Microsoft.EntityFrameworkCore.Query.ShapedQueryCompilingExpressionVisitor.SingleOrDefaultAsync[TSource](IAsyncEnumerable1 asyncEnumerable, CancellationToken cancellationToken)
at Volo.Abp.Identity.EntityFrameworkCore.EfCoreIdentityUserRepository.FindByNormalizedUserNameAsync(String normalizedUserName, Boolean includeDetails, CancellationToken cancellationToken)
at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo)
at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapterWithReturnValue1.ProceedAsync() at Volo.Abp.Uow.UnitOfWorkInterceptor.InterceptAsync(IAbpMethodInvocation invocation) at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter1.InterceptAsync[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo, Func3 proceed) at Volo.Abp.Identity.IdentityDataSeeder.SeedAsync(String adminEmail, String adminPassword, Nullable1 tenantId)
at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo)
at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapterWithReturnValue1.ProceedAsync() at Volo.Abp.Uow.UnitOfWorkInterceptor.InterceptAsync(IAbpMethodInvocation invocation) at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter1.InterceptAsync[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo, Func3 proceed) at Volo.Abp.Data.DataSeeder.SeedAsync(DataSeedContext context) at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous(IInvocation invocation, IInvocationProceedInfo proceedInfo) at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapter.ProceedAsync() at Volo.Abp.Uow.UnitOfWorkInterceptor.InterceptAsync(IAbpMethodInvocation invocation) at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter1.InterceptAsync(IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
at TenantDbTest.Data.TenantDbTestTenantDatabaseMigrationHandler.MigrateAndSeedForTenantAsync(Guid tenantId, String adminEmail, String adminPassword) in E:\abp\TenantDbTest\aspnet-core\src\TenantDbTest.Domain\Data\TenantDbTestTenantDatabaseMigrationHandler.cs:line 115
ClientConnectionId:5045aae6-9a46-4e87-9aa7-7a0e35f4ebaf
Error Number:208,State:1,Class:16
2021-10-08 13:46:18.186 +03:00 [ERR] ---------- Exception Data ----------
HelpLink.ProdName = Microsoft SQL Server
HelpLink.ProdVer = 13.00.4259
HelpLink.EvtSrc = MSSQLServer
HelpLink.EvtID = 208
HelpLink.BaseHelpUrl = http://go.microsoft.com/fwlink
HelpLink.LinkId = 20476
Besides this error there is no other error in the logs.
Thanks, Can Ercan
Hi Problem is solved.
Thanks, Can Ercan
Hi,
When i tried to login from https://merlinvoip.com i didn't get the previous error but when i logged in and then redirected to client app i didn't appear to be logged in and the log shows:
2021-09-21 13:01:15.892 +00:00 [INF] Invoking IdentityServer endpoint: IdentityServer4.Endpoints.TokenEndpoint for /connect/token
2021-09-21 13:01:15.920 +00:00 [INF] {"ClientId":"TestApp2_App","AuthenticationMethod":"NoSecret","Category":"Authentication","Name":"Client Authentication Success","EventType":"Success","Id":1010,"Message":null,"ActivityId":"800001a7-0000-cb00-b63f-84710c7967bb","TimeStamp":"2021-09-21T13:01:15.0000000Z","ProcessId":6384,"LocalIpAddress":"10.11.0.130:443","RemoteIpAddress":"88.243.86.198","$type":"ClientAuthenticationSuccessEvent"}
2021-09-21 13:01:15.995 +00:00 [INF] Token request validation success, {"ClientId":"TestApp2_App","ClientName":"TestApp2_App","GrantType":"authorization_code","Scopes":null,"AuthorizationCode":"****82BB","RefreshToken":"********","UserName":null,"AuthenticationContextReferenceClasses":null,"Tenant":null,"IdP":null,"Raw":{"grant_type":"authorization_code","code":"9A7EC69860CCE8494775D54C5FC01816A1480304478A2AEE49CE7BE5037382BB","redirect_uri":"https://merlinvoip.com","code_verifier":"N3RuWU5BWHFfN2dDfkpuazVaQko4ZnNrMGpzdmJ6UFBtVVRVcnphSWl0MU1j","client_id":"TestApp2_App"},"$type":"TokenRequestValidationLog"}
2021-09-21 13:01:16.152 +00:00 [INF] {"ClientId":"TestApp2_App","ClientName":"TestApp2_App","RedirectUri":null,"Endpoint":"Token","SubjectId":"04a49bf7-0341-52cf-f8c8-39fef527ad38","Scopes":"openid offline_access TestApp2","GrantType":"authorization_code","Tokens":[{"TokenType":"id_token","TokenValue":"****YXBg","$type":"Token"},{"TokenType":"refresh_token","TokenValue":"****DF50","$type":"Token"},{"TokenType":"access_token","TokenValue":"****803Q","$type":"Token"}],"Category":"Token","Name":"Token Issued Success","EventType":"Success","Id":2000,"Message":null,"ActivityId":"800001a7-0000-cb00-b63f-84710c7967bb","TimeStamp":"2021-09-21T13:01:16.0000000Z","ProcessId":6384,"LocalIpAddress":"10.11.0.130:443","RemoteIpAddress":"88.243.86.198","$type":"TokenIssuedSuccessEvent"}
2021-09-21 13:01:16.205 +00:00 [INF] Request finished HTTP/1.1 POST https://pbxticketapi.azurewebsites.net/connect/token application/x-www-form-urlencoded 233 - 200 - application/json;+charset=UTF-8 386.8135ms
2021-09-21 13:01:16.283 +00:00 [INF] Request starting HTTP/1.1 OPTIONS https://pbxticketapi.azurewebsites.net/api/abp/application-configuration - -
2021-09-21 13:01:16.283 +00:00 [INF] CORS policy execution successful.
2021-09-21 13:01:16.283 +00:00 [INF] Request finished HTTP/1.1 OPTIONS https://pbxticketapi.azurewebsites.net/api/abp/application-configuration - - - 204 - - 0.5517ms
2021-09-21 13:01:16.363 +00:00 [INF] Request starting HTTP/1.1 GET https://pbxticketapi.azurewebsites.net/api/abp/application-configuration - -
2021-09-21 13:01:16.363 +00:00 [INF] CORS policy execution successful.
2021-09-21 13:01:16.402 +00:00 [INF] Failed to validate the token.
Microsoft.IdentityModel.Tokens.SecurityTokenInvalidIssuerException: IDX10205: Issuer validation failed. Issuer: 'System.String'. Did not match: validationParameters.ValidIssuer: 'System.String' or validationParameters.ValidIssuers: 'System.String'.
at Microsoft.IdentityModel.Tokens.Validators.ValidateIssuer(String issuer, SecurityToken securityToken, TokenValidationParameters validationParameters)
at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateIssuer(String issuer, JwtSecurityToken jwtToken, TokenValidationParameters validationParameters)
at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateTokenPayload(JwtSecurityToken jwtToken, TokenValidationParameters validationParameters)
at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateToken(String token, TokenValidationParameters validationParameters, SecurityToken& validatedToken)
at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync()
One thing I noticed is identity server uses the https://pbxticketapi.azurewebsites.net url.I used to use this url but i changed it.
"App": {
"SelfUrl": "https://api.merlinvoip.com",
"AngularUrl": "https://{{tenantName}}.merlinvoip.com",
"CorsOrigins": "https://merlinvoip.com,https://*.merlinvoip.com"
}
"AuthServer": {
"Authority": "https://api.merlinvoip.com",
"RequireHttpsMetadata": "false",
"SwaggerClientId": "TestApp2_Swagger",
"SwaggerClientSecret": "1q2w3e*"
},
Angular environment variables:
oAuthConfig: {
issuer: 'http://{0}.api.merlinvoip.com',
redirectUri: baseUrl,
clientId: 'TestApp2_App',
responseType: 'code',
scope: 'offline_access TestApp2',
requireHttps: false
},
apis: {
default: {
url: 'http://{0}.api.merlinvoip.com',
rootNamespace: 'TestApp2',
},
},
These are my settings but system still uses the old url for identity server. I cleared cookies and caches and restarted both apps but still the old url is used. Is it in the database somewhere?
Thanks, Can Ercan
Hmm ok, I couldn't find it in the sample project so i removed it. Sample project code:
"App": {
"SelfUrl": "https://api.getabp.net:44301",
"CorsOrigins": "https://*.ng.getabp.net:4200,https://ng.getabp.net:4200/"
}
Configure<AppUrlOptions>(options =>
{
options.Applications["MVC"].RootUrl = configuration["App:SelfUrl"];
options.Applications["Angular"].RootUrl = configuration["App:ClientUrl"];
options.Applications["Angular"].Urls[AccountUrlNames.PasswordReset] = "account/reset-password";
});
Should i put https://merlinvoip.com or https://*.merlinvoip.com
I remember trying with https://*.merlinvoip.com and getting invalid uri error from IdentityServer.
Configure<AppUrlOptions>(options => { options.Applications["MVC"].RootUrl = configuration["App:SelfUrl"]; options.Applications["Angular"].RootUrl = configuration["App:AngularUrl"]; options.Applications["Angular"].Urls[AccountUrlNames.PasswordReset] = "account/reset-password"; options.Applications["Angular"].Urls[AccountUrlNames.EmailConfirmation] = "account/email-confirmation"; );
