then change this angular app => yup, we're doing this. But with public web use authentication type **confidential ** but don't know configuration environment angular app how that?
sorry my application doesn't publish to internet. can you suggest a key work to me for this problem ?.
hi
https for all urls required. Also for urls received by discovery
Please share the logs of authserver.
Hi, this is my application logs of Host project after deploy to openshift. I use ABP without the Identity Server. In the JSON document the value of "issuer" is "https://abc.domain.com/svc/". but value of another fields are https://abc.domain.com how to change it to https://abc.domain.com/svc/.
[10:47:35 INF] Request starting HTTP/1.0 GET http://abc.domain.com/.well-known/openid-configuration - -
[10:47:35 INF] The request URI matched a server endpoint: Configuration.
[10:47:35 INF] The configuration request was successfully extracted: {}.
[10:47:35 INF] The configuration request was successfully validated.
[10:47:35 INF] The response was successfully returned as a JSON document: {
"issuer": "https://abc.domain.com/svc/",
"authorization_endpoint": "https://abc.domain.com/connect/authorize",
"token_endpoint": "https://abc.domain.com/connect/token",
"introspection_endpoint": "https://abc.domain.com/connect/introspect",
"end_session_endpoint": "https://abc.domain.com/connect/logout",
"revocation_endpoint": "https://abc.domain.com/connect/revocat",
"userinfo_endpoint": "https://abc.domain.com/connect/userinfo",
"device_authorization_endpoint": "https://abc.domain.com/device",
"jwks_uri": "https://abc.domain.com/.well-known/jwks",
"grant_types_supported": [
"authorization_code",
"implicit",
"password",
"client_credentials",
"refresh_token",
"urn:ietf:params:oauth:grant-type:device_code",
"LinkLogin",
"Impersonation"
],
"response_types_supported": [
"code",
"code id_token",
"code id_token token",
"code token",
"id_token",
"id_token token",
"token",
"none"
],
"response_modes_supported": [
"form_post",
"fragment",
"query"
],
"scopes_supported": [
"openid",
"offline_access",
"email",
"profile",
"phone",
"roles",
"address",
"mWork"
],
"claims_supported": [
"aud",
"exp",
"iat",
"iss",
"sub"
],
"id_token_signing_alg_values_supported": [
"RS256"
],
"code_challenge_methods_supported": [
"S256"
],
"subject_types_supported": [
"public"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post"
],
"introspection_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post"
],
"revocation_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post"
],
"claims_parameter_supported": false,
"request_parameter_supported": false,
"request_uri_parameter_supported": false,
"authorization_response_iss_parameter_supported": true
}.
[10:47:35 INF] Request finished HTTP/1.0 GET http://abc.domain.com/.well-known/openid-configuration - - - 200 2021 application/json;charset=UTF-8 15.2928ms
[10:47:35 INF] Request starting HTTP/1.0 GET http://abc.domain.com/api/abp/application-configuration?includeLocalizationResources=false - -
[10:47:35 INF] Executing endpoint 'Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationController.GetAsync (Volo.Abp.AspNetCore.Mvc)'
[10:47:35 INF] Route matched with {area = "abp", action = "Get", controller = "AbpApplicationConfiguration", page = ""}. Executing controller action with signature System.Threading.Tasks.Task`1[Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.ApplicationConfigurationDto] GetAsync(Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.ApplicationConfigurationRequestOptions) on controller Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationController (Volo.Abp.AspNetCore.Mvc).
[10:47:35 INF] Request starting HTTP/1.0 GET http://abc.domain.com/api/abp/application-configuration?includeLocalizationResources=false - -
[10:47:35 INF] Executing endpoint 'Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationController.GetAsync (Volo.Abp.AspNetCore.Mvc)'
[10:47:35 INF] Route matched with {area = "abp", action = "Get", controller = "AbpApplicationConfiguration", page = ""}. Executing controller action with signature System.Threading.Tasks.Task`1[Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.ApplicationConfigurationDto] GetAsync(Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.ApplicationConfigurationRequestOptions) on controller Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationController (Volo.Abp.AspNetCore.Mvc).
[10:47:35 INF] Executing ObjectResult, writing value of type 'Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.ApplicationConfigurationDto'.
[10:47:35 INF] Executed action Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationController.GetAsync (Volo.Abp.AspNetCore.Mvc) in 62.6429ms
[10:47:35 INF] Executed endpoint 'Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationController.GetAsync (Volo.Abp.AspNetCore.Mvc)'
[10:47:35 INF] Request finished HTTP/1.0 GET http://abc.domain.com/api/abp/application-configuration?includeLocalizationResources=false - - - 200 - application/json;+charset=utf-8 70.1362ms
[10:47:35 INF] Executing ObjectResult, writing value of type 'Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.ApplicationConfigurationDto'.
[10:47:35 INF] Executed action Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationController.GetAsync (Volo.Abp.AspNetCore.Mvc) in 150.6204ms
[10:47:35 INF] Executed endpoint 'Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationController.GetAsync (Volo.Abp.AspNetCore.Mvc)'
[10:47:35 INF] Request finished HTTP/1.0 GET http://abc.domain.com/api/abp/application-configuration?includeLocalizationResources=false - - - 200 - application/json;+charset=utf-8 154.6716ms
[10:47:35 INF] Request starting HTTP/1.0 GET http://abc.domain.com/api/abp/application-localization?cultureName=en&onlyDynamics=false - -
[10:47:35 INF] Executing endpoint 'Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationLocalizationController.GetAsync (Volo.Abp.AspNetCore.Mvc)'
[10:47:35 INF] Route matched with {area = "abp", action = "Get", controller = "AbpApplicationLocalization", page = ""}. Executing controller action with signature System.Threading.Tasks.Task`1[Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.ApplicationLocalizationDto] GetAsync(Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.ApplicationLocalizationRequestDto) on controller Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationLocalizationController (Volo.Abp.AspNetCore.Mvc).
[10:47:36 INF] Executing ObjectResult, writing value of type 'Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.ApplicationLocalizationDto'.
[10:47:36 INF] Executed action Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationLocalizationController.GetAsync (Volo.Abp.AspNetCore.Mvc) in 201.3943ms
[10:47:36 INF] Executed endpoint 'Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationLocalizationController.GetAsync (Volo.Abp.AspNetCore.Mvc)'
[10:47:36 INF] Request finished HTTP/1.0 GET http://abc.domain.com/api/abp/application-localization?cultureName=en&onlyDynamics=false - - - 200 - application/json;+charset=utf-8 204.6098ms
[10:47:41 INF] Request starting HTTP/1.0 GET http://abc.domain.com/.well-known/openid-configuration - -
[10:47:41 INF] The request URI matched a server endpoint: Configuration.
[10:47:41 INF] The configuration request was successfully extracted: {}.
[10:47:41 INF] The configuration request was successfully validated.
[10:47:41 INF] The response was successfully returned as a JSON document: {
"issuer": "https://abc.domain.com/svc/",
"authorization_endpoint": "https://abc.domain.com/connect/authorize",
"token_endpoint": "https://abc.domain.com/connect/token",
"introspection_endpoint": "https://abc.domain.com/connect/introspect",
"end_session_endpoint": "https://abc.domain.com/connect/logout",
"revocation_endpoint": "https://abc.domain.com/connect/revocat",
"userinfo_endpoint": "https://abc.domain.com/connect/userinfo",
"device_authorization_endpoint": "https://abc.domain.com/device",
"jwks_uri": "https://abc.domain.com/.well-known/jwks",
"grant_types_supported": [
"authorization_code",
"implicit",
"password",
"client_credentials",
"refresh_token",
"urn:ietf:params:oauth:grant-type:device_code",
"LinkLogin",
"Impersonation"
],
"response_types_supported": [
"code",
"code id_token",
"code id_token token",
"code token",
"id_token",
"id_token token",
"token",
"none"
],
"response_modes_supported": [
"form_post",
"fragment",
"query"
],
"scopes_supported": [
"openid",
"offline_access",
"email",
"profile",
"phone",
"roles",
"address",
"mWork"
],
"claims_supported": [
"aud",
"exp",
"iat",
"iss",
"sub"
],
"id_token_signing_alg_values_supported": [
"RS256"
],
"code_challenge_methods_supported": [
"S256"
],
"subject_types_supported": [
"public"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post"
],
"introspection_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post"
],
"revocation_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post"
],
"claims_parameter_supported": false,
"request_parameter_supported": false,
"request_uri_parameter_supported": false,
"authorization_response_iss_parameter_supported": true
}.
[10:47:41 INF] Request finished HTTP/1.0 GET http://abc.domain.com/.well-known/openid-configuration - - - 200 2021 application/json;charset=UTF-8 3.8058ms
[10:47:41 INF] Request starting HTTP/1.0 GET http://abc.domain.com/api/abp/application-configuration?includeLocalizationResources=false - -
[10:47:41 INF] Executing endpoint 'Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationController.GetAsync (Volo.Abp.AspNetCore.Mvc)'
[10:47:41 INF] Route matched with {area = "abp", action = "Get", controller = "AbpApplicationConfiguration", page = ""}. Executing controller action with signature System.Threading.Tasks.Task`1[Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.ApplicationConfigurationDto] GetAsync(Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.ApplicationConfigurationRequestOptions) on controller Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationController (Volo.Abp.AspNetCore.Mvc).
[10:47:41 INF] Request starting HTTP/1.0 GET http://abc.domain.com/api/abp/application-configuration?includeLocalizationResources=false - -
[10:47:41 INF] Executing endpoint 'Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationController.GetAsync (Volo.Abp.AspNetCore.Mvc)'
[10:47:41 INF] Route matched with {area = "abp", action = "Get", controller = "AbpApplicationConfiguration", page = ""}. Executing controller action with signature System.Threading.Tasks.Task`1[Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.ApplicationConfigurationDto] GetAsync(Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.ApplicationConfigurationRequestOptions) on controller Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationController (Volo.Abp.AspNetCore.Mvc).
[10:47:41 INF] Executing ObjectResult, writing value of type 'Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.ApplicationConfigurationDto'.
[10:47:41 INF] Executed action Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationController.GetAsync (Volo.Abp.AspNetCore.Mvc) in 76.5041ms
[10:47:41 INF] Executed endpoint 'Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationController.GetAsync (Volo.Abp.AspNetCore.Mvc)'
[10:47:41 INF] Request finished HTTP/1.0 GET http://abc.domain.com/api/abp/application-configuration?includeLocalizationResources=false - - - 200 - application/json;+charset=utf-8 79.2351ms
[10:47:41 INF] Executing ObjectResult, writing value of type 'Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.ApplicationConfigurationDto'.
[10:47:41 INF] Executed action Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationController.GetAsync (Volo.Abp.AspNetCore.Mvc) in 74.7597ms
[10:47:41 INF] Executed endpoint 'Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationController.GetAsync (Volo.Abp.AspNetCore.Mvc)'
[10:47:41 INF] Request finished HTTP/1.0 GET http://abc.domain.com/api/abp/application-configuration?includeLocalizationResources=false - - - 200 - application/json;+charset=utf-8 77.1555ms
[10:47:41 INF] Request starting HTTP/1.0 GET http://abc.domain.com/api/abp/application-localization?cultureName=en&onlyDynamics=false - -
[10:47:41 INF] Executing endpoint 'Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationLocalizationController.GetAsync (Volo.Abp.AspNetCore.Mvc)'
[10:47:41 INF] Route matched with {area = "abp", action = "Get", controller = "AbpApplicationLocalization", page = ""}. Executing controller action with signature System.Threading.Tasks.Task`1[Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.ApplicationLocalizationDto] GetAsync(Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.ApplicationLocalizationRequestDto) on controller Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationLocalizationController (Volo.Abp.AspNetCore.Mvc).
[10:47:41 INF] Executing ObjectResult, writing value of type 'Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.ApplicationLocalizationDto'.
[10:47:41 INF] Executed action Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationLocalizationController.GetAsync (Volo.Abp.AspNetCore.Mvc) in 95.3382ms
[10:47:41 INF] Executed endpoint 'Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationLocalizationController.GetAsync (Volo.Abp.AspNetCore.Mvc)'
[10:47:41 INF] Request finished HTTP/1.0 GET http://abc.domain.com/api/abp/application-localization?cultureName=en&onlyDynamics=false - - - 200 - application/json;+charset=utf-8 97.7236ms
[10:47:50 INF] Request starting HTTP/1.0 GET http://abc.domain.com/.well-known/openid-configuration - -
[10:47:50 INF] The request URI matched a server endpoint: Configuration.
[10:47:50 INF] The configuration request was successfully extracted: {}.
[10:47:50 INF] The configuration request was successfully validated.
Thank you very much!
Hi maliming.
I configured the endpoints in appsettng.json. But when i run my application i got the error: "https for all urls required. Also for urls received by discovery"
How do I get the URLs generated from my application to be HTTPS?
Navigating to https://abc.domain.com/.well-known/openid-configuration produces a discovery configuration like so:
{
"issuer": "https://abc.domain.com/",
"authorization_endpoint": "http://abc.domain.com/connect/authorize",
"token_endpoint": "http://abc.domain.com/connect/token",
"introspection_endpoint": "http://abc.domain.com/connect/introspect",
"end_session_endpoint": "http://abc.domain.com/connect/logout",
"revocation_endpoint": "http://abc.domain.com/connect/revocat",
"userinfo_endpoint": "http://abc.domain.com/connect/userinfo",
"device_authorization_endpoint": "http://abc.domain.com/device",
"jwks_uri": "http://abc.domain.com/.well-known/jwks",
"grant_types_supported": [
"authorization_code",
"implicit",
"password",
"client_credentials",
"refresh_token",
"urn:ietf:params:oauth:grant-type:device_code",
"LinkLogin",
"Impersonation"
],
"response_types_supported": [
"code",
"code id_token",
"code id_token token",
"code token",
"id_token",
"id_token token",
"token",
"none"
],
"response_modes_supported": [
"form_post",
"fragment",
"query"
],
"scopes_supported": [
"openid",
"offline_access",
"email",
"profile",
"phone",
"roles",
"address",
"KeToan"
],
"claims_supported": [
"aud",
"exp",
"iat",
"iss",
"sub"
],
"id_token_signing_alg_values_supported": [
"RS256"
],
"code_challenge_methods_supported": [
"S256"
],
"subject_types_supported": [
"public"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post"
],
"introspection_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post"
],
"revocation_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post"
],
"claims_parameter_supported": false,
"request_parameter_supported": false,
"request_uri_parameter_supported": false,
"authorization_response_iss_parameter_supported": true
}`
This causes my client application to throw exceptions because I have RequireHttpsMetadata set to true in my IdentityServerAuthenticationOptions when calling UseIdentityServerAuthentication.
I could not find any settings for this in the IdentityServerOptions.
Thank you very much!
hi
The CLI uses system proxies.
How to check this? I try config proxy web browser same as a system and It's worked! But run CLI error 407