Hi,
In which module should I try that code?
context.Services.ConfigureApplicationCookie(options =>
{
options.ExpireTimeSpan = TimeSpan.FromDays(1);
});
context.Services.Configure<SecurityStampValidatorOptions>(options =>
{
options.ValidationInterval = TimeSpan.FromDays(1);
});
Hi,
Thank you so much for your prompt support. It works now.
I use HTTP not HTTPS. In AdministrationService, it has the same setting and work fine (no need HTTPS).
"AuthServer": {
"Authority": "http://authserver:7000",
"RequireHttpsMetadata": "false",
"SwaggerClientId": "WebGateway_Swagger.DockerHttp"
},
"RemoteServices": {
"AbpIdentity": {
"BaseUrl": "http://identityservice.httpapi.host:7002/",
"UseCurrentAccessToken": "false"
}
},
"IdentityClients": {
"Default": {
"GrantType": "client_credentials",
"ClientId": "AdministrationService.DockerHttp",
"ClientSecret": "1q2w3e*",
"Authority": "http://authserver:7000",
"Scope": "IdentityService"
}
},
Steps to reproduce the issue: I'm using Quartz background worker to call an authorized app service method with above error. Here's appsettings.json:
"RemoteServices": {
"MyService": {
"BaseUrl": "http://myservice.httpapi.host:7005/",
"UseCurrentAccessToken": "false"
}
},
"IdentityClients": {
"Default": {
"GrantType": "client_credentials",
"ClientId": "BackgroundWorker.DockerHttp",
"ClientSecret": "1q2w3e*",
"Authority": "http://authserver:7000",
"Scope": "MyService"
}
}
[DependsOn(
typeof(AbpAutofacModule),
typeof(AbpBackgroundWorkersQuartzModule),
typeof(AbpHttpClientIdentityModelWebModule),
typeof(AbpIdentityHttpApiClientModule),
...
)]
public class BackgroundWorkerModule : AbpModule
{
public override Task OnApplicationInitializationAsync(ApplicationInitializationContext context)
{
var logger = context.ServiceProvider.GetRequiredService<ILogger<BackgroundWorkerModule>>();
var configuration = context.ServiceProvider.GetRequiredService<IConfiguration>();
logger.LogInformation($"MySettingName => {configuration["MySettingName"]}");
var hostEnvironment = context.ServiceProvider.GetRequiredService<IHostEnvironment>();
logger.LogInformation($"EnvironmentName => {hostEnvironment.EnvironmentName}");
return Task.CompletedTask;
}
}
OpenIdDictDataSeeder.cs
//Background Worker
await CreateApplicationAsync(
name: "BackgroundWorker.DockerHttp",
type: OpenIddictConstants.ClientTypes.Confidential,
consentType: OpenIddictConstants.ConsentTypes.Implicit,
displayName: "Background Worker",
secret: "1q2w3e*",
grantTypes: new List<string>
{
OpenIddictConstants.GrantTypes.ClientCredentials
},
scopes: commonScopes.Union(new[] { "MyService" }).ToList(),
permissions: new List<string> { MyServicePermissions.TransactionReports.Default, MyServicePermissions.TransactionReports.GenerateFile }
);
How can I fix it? Thank you.
The escape character is added automatically when I copy and paste and then format it with code block. I saw the docker compose file of application template, it's the same as the one I created for microservice template. The problem is I can't trust the self-sign certificate which generated for each service domain name. Could you pls try to create a test app based on microservice template and configure docker compose for it to reproduce my issue?
Hi,
No more information?
Any update, pls?
I used host file to map like this: 127.0.0.1 mydomain.webgateway As you can see in my docker compose file:
volumes:
- ~/.aspnet/https:/https:ro
Is that correct way to map certificate file? I can see all mapped pfx files in https folder of the container.
I already generated pfx file with this command: New-SelfSignedCertificate -CertStoreLocation Cert:\LocalMachine\My -DnsName "mydomain.webgateway" -FriendlyName "mydomain.webgateway" -NotAfter (Get-Date).AddYears(10)
(because the URL is not localhost, they are container names instead), added to Trusted Root Certification Authorities on Local Machine and mounted successfully, but the error still occurs.
For linux, pfx is problematic as far as i know. You can use OpenSSL to generate self-signed certificate.
Do you mean linux for host or container? I use Windows host but linux container. Do I have to use OpenSSL to generate certificate? If yes, how to use that certificate in docker-compose file?