Activities of "cangunaydin"
Hello, Can you try to impersonate from the admin side for the tenant and try to download? I think that's the problem.
I have sent the email, i have also added docker compose file for postgres and redis. you can check it out if you want.
Hello, If you want, I can send you a sample app if you give me an email address ok here are the steps.
Create the new project from abp cli
abp new Doohlink -t app-pro -u angular -dbms PostgreSQL --separate-auth-server -m maui -csfAdd Volo.FileManagement module (run the command inside aspnet-core folder)
abp add-module Volo.FileManagementArrange Postgres and Redis. Change appsettings.json according to that. (I use docker containers for that.)
Run Dbmigrator.
Run the Application (AuthServer and HttpApi.Host)
do yarn install in angular app.
Configure the angular app. Add Config Module and Feature Module.
run angular app with yarn start
now you should see file management menu item.
upload an image.
Then try to download that image.
you will see an authentication error.
i hope this is enough information, as i say if you can not reproduce i can send you the sample app.
Thank you for the help.
Hello, I didn't understand how i can pass the authorization header while i am redirecting the user from angular. Is there any sample code how to do that? I would be happy if you can share it. I fixed the problem by implementing another authentication schema, so in that way i can challenge the user to authenticate and when it is done i can sign in the user and redirect the user to the page. sth like this.
context.Services.AddAuthentication(options =>
{
options.DefaultScheme = "DoohlinkCustomPolicy";
options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
})
.AddPolicyScheme("DoohlinkCustomPolicy", "DoohlinkCustomPolicy", options =>
{
options.ForwardDefaultSelector = context =>
{
string authorization = context.Request.Headers[HeaderNames.Authorization];
if (!string.IsNullOrEmpty(authorization) && authorization.StartsWith("Bearer "))
return JwtBearerDefaults.AuthenticationScheme;
else
return CookieAuthenticationDefaults.AuthenticationScheme;
};
})
.AddJwtBearer(JwtBearerDefaults.AuthenticationScheme, options =>
{
options.Authority = configuration["AuthServer:Authority"];
options.RequireHttpsMetadata = Convert.ToBoolean(configuration["AuthServer:RequireHttpsMetadata"]);
options.Audience = "Doohlink";
})
.AddCookie(CookieAuthenticationDefaults.AuthenticationScheme, options =>
{
options.ExpireTimeSpan = TimeSpan.FromDays(365);
})
.AddAbpOpenIdConnect(OpenIdConnectDefaults.AuthenticationScheme, options =>
{
options.Authority = configuration["AuthServer:Authority"];
options.RequireHttpsMetadata = Convert.ToBoolean(configuration["AuthServer:RequireHttpsMetadata"]);
options.ResponseType = OpenIdConnectResponseType.Code;
options.ClientId = configuration["AuthServer:WebClientId"];
options.ClientSecret = configuration["AuthServer:WebClientSecret"];
options.UsePkce = true;
options.SaveTokens = true;
options.GetClaimsFromUserInfoEndpoint = true;
options.Scope.Add("roles");
options.Scope.Add("email");
options.Scope.Add("phone");
options.Scope.Add("Doohlink");
options.Events.OnTicketReceived = async (TicketReceivedContext e) =>
{
await e.HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme,
e.Principal,
new AuthenticationProperties
{
IsPersistent = true,
AllowRefresh = true,
ExpiresUtc = DateTime.UtcNow.AddDays(1)
});
};
});
and challenging the user to login in a controller.
public ActionResult Login()
{
return Challenge(new AuthenticationProperties { RedirectUri = "/hangfire" }, OpenIdConnectDefaults.AuthenticationScheme);
}
this works for now. But I would happy to know how to do it from angular. Because as i know when you do redirect from client side like. window.open() you can not pass authorization header. Or maybe I am wrong?
Hello again, Thanks for the explanation, can i ask how can i do the same for hangfire dashboard? If i write a mvc controller action, how can i redirect the user to auth server log in page and then redirect to hangfire dashboard?
Thanks a lot, i have seen the fix now, I am closing the issue then.
Hello @liangshiwei. As you mention it works when you await, probably when i try to await i did sth wrong. It was late at night :) Thank you for sharing the issue link with me So it seems, collection has been updated from two threads. And collection that is updated in Volo.Abp.Uow.UnitOfWorkExtensions.GetOrAddItem is not thread safe. Maybe changing that to ConcurrentDictionary can help. https://learn.microsoft.com/en-us/dotnet/api/system.collections.concurrent.concurrentdictionary-2?view=net-5.0
Thank you @mahmut.
Hello again, you can find the project in this github repo. https://github.com/cangunaydin/abpConcurrencyIssue to produce the same error you have to do the followings.
1- Clone the project.
2- Go to aspnet-core\etc\docker
3- execute run-docker-sideapps.ps1 this will create the redis and postgres(postgis) container.(stick to these images since appsettings has been configured according to those docker images and geolocation is involved)
4- Build project and run dbmigrator. This will seed a new tenant named "Tribulus" and one screen belongs to this tenant with id: "ad16f9e2-bf39-43cf-af69-47b7388ee9cd". You can check TenantDataSeeder class if you want.
5- abp install-libs inside AuthServer folder then Run Doohlink.AuthServer and Doohlink.HttpApi.Host project
6- Run angular app and get bearer token for Tribulus tenant with username: admin, password: 123qwe, note the bearer token and tenantid to somewhere, you will use them on step 8
7- Install Jmeter to do multiple http requests async. If you want you can use another tool but important part is you need bunch of async calls at the same time.
https://jmeter.apache.org/download_jmeter.cgi
Download zip file, unzip it then run jmeter.bat
8- After running the Jmeter, you need to open the TestJmeter.jmx file on the root folder of the project. This is a script that will do the call to the endpoint.
9- Change the bearer token and tenantid to what you got from step 6. You need to do that from Http Header Manager
10-Run the jmeter, it is gonna take 10 seconds, you can see if http requests are successful on treeview. Most of them will succeed around 5 of them will fail. you can look at the logs afterwards.
