Activities of "inavarro.cp"

Perfect, it's already working for me. Thanks

I have already been able to solve it. Here I have the certificate.

In the environment variables I have added the thumbprint of my certificate

This is the new code I added

public override void PreConfigureServices(ServiceConfigurationContext context)
    {
        var hostingEnvironment = context.Services.GetHostingEnvironment();
        var configuration = context.Services.GetConfiguration();

        PreConfigure<OpenIddictBuilder>(builder =>
        {
            builder.AddValidation(options =>
            {
                options.AddAudiences("WebApp");
                options.UseLocalServer();
                options.UseAspNetCore();
            });
        });

        if (!hostingEnvironment.IsDevelopment())
        {
            PreConfigure<AbpOpenIddictAspNetCoreOptions>(options =>
            {
                options.AddDevelopmentEncryptionAndSigningCertificate = false;
            });

            PreConfigure<OpenIddictServerBuilder>(serverBuilder =>
            {
                // Obtén el thumbprint del certificado desde la variable de entorno
                var certificateThumbprint = Environment.GetEnvironmentVariable("WEBSITE_LOAD_CERTIFICATES");

                if (!string.IsNullOrWhiteSpace(certificateThumbprint))
                {
                    // Obtén el certificado directamente desde Azure App Service
                    var certificate = GetCertificateFromAzure(certificateThumbprint);

                    if (certificate == null)
                    {
                        throw new InvalidOperationException($"No se pudo encontrar el certificado con thumbprint '{certificateThumbprint}' en Azure App Service.");
                    }

                    serverBuilder.AddEncryptionCertificate(certificate);
                    serverBuilder.AddSigningCertificate(certificate);
                }
                else
                {
                    throw new InvalidOperationException("La variable de entorno 'WEBSITE_LOAD_CERTIFICATES' no está configurada o está vacía.");
                }

                // Establece el issuer a partir de la configuración
                serverBuilder.SetIssuer(new Uri(configuration["AuthServer:Authority"]!));
            });
        }
    }

    private X509Certificate2? GetCertificateFromAzure(string thumbprint)
    {
        try
        {
            var store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
            store.Open(OpenFlags.ReadOnly);

            var certificate = store.Certificates
                .Find(X509FindType.FindByThumbprint, thumbprint, validOnly: false)
                .OfType<X509Certificate2>()
                .FirstOrDefault();

            store.Close();

            return certificate;
        }
        catch (Exception ex)
        {
            throw new InvalidOperationException("Error al cargar el certificado desde Azure App Service.", ex);
        }
    }

In my environment variable WEBSITE_LOAD_CERTIFICATES I store the Thumbprint of the certificate.

What we really want to do is ensure that a user cannot be deleted if they have created reports, since we would lose the traceability of who made said report. What do you propose to do?

If I need the CreatorId property to be mandatory, what would you recommend I do?

These are the logs generated by the Identity:

Volo.Abp.AbpInitializationException: An error occurred during ConfigureServicesAsync phase of the module Volo.Abp.OpenIddict.AbpOpenIddictAspNetCoreModule, Volo.Abp.OpenIddict.AspNetCore, Version=6.0.1.0, Culture=neutral, PublicKeyToken=null. See the inner exception for details.
 ---> System.IO.FileNotFoundException: Signing Certificate couldn't found: openiddict.pfx
   at Microsoft.Extensions.DependencyInjection.OpenIddictServerBuilderExtensions.AddProductionEncryptionAndSigningCertificate(OpenIddictServerBuilder builder, String fileName, String passPhrase) in /home/runner/work/Cincaporc.WebApp/Cincaporc.WebApp/src/Cincaporc.WebApp.AuthServer/OpenIddictServerBuilderExtensions.cs:line 13
   at Cincaporc.WebApp.WebAppAuthServerModule.<>c__DisplayClass0_0.<PreConfigureServices>b__2(OpenIddictServerBuilder serverBuilder) in /home/runner/work/Cincaporc.WebApp/Cincaporc.WebApp/src/Cincaporc.WebApp.AuthServer/WebAppAuthServerModule.cs:line 96
   at Volo.Abp.Options.PreConfigureActionList`1.Configure(TOptions options)
   at Microsoft.Extensions.DependencyInjection.ServiceCollectionPreConfigureExtensions.ExecutePreConfiguredActions[TOptions](IServiceCollection services, TOptions options)
   at Volo.Abp.OpenIddict.AbpOpenIddictAspNetCoreModule.&lt;&gt;c__DisplayClass1_0.&lt;AddOpenIddictServer&gt;b__0(OpenIddictServerBuilder builder)
   at Microsoft.Extensions.DependencyInjection.OpenIddictServerExtensions.AddServer(OpenIddictBuilder builder, Action`1 configuration)
   at Volo.Abp.OpenIddict.AbpOpenIddictAspNetCoreModule.AddOpenIddictServer(IServiceCollection services)
   at Volo.Abp.OpenIddict.AbpOpenIddictAspNetCoreModule.ConfigureServices(ServiceConfigurationContext context)
   at Volo.Abp.Modularity.AbpModule.ConfigureServicesAsync(ServiceConfigurationContext context)
   at Volo.Abp.AbpApplicationBase.ConfigureServicesAsync()

These are the logs generated by the GitHubActions:

Run dotnet dev-certs https -v -ep /home/runner/.dotnet/Cincaporc.WebApp.AuthServer/openiddict.pfx -p 00000000-0000-0000-0000-000000000000
  
[1] Listing certificates from CurrentUser\My
[2] Found certificates: 1 certificate
    1) 85401136598E5431084B7F11E2486FA96A65D658 - CN=localhost - Valid from 2024-08-09 10:24:49Z to 2025-08-09 10:24:49Z - IsHttpsDevelopmentCertificate: true - IsExportable: true
[3] Checking certificates validity
[4] Valid certificates: 1 certificate
    1) 85401136598E5431084B7F11E2486FA96A65D658 - CN=localhost - Valid from 2024-08-09 10:24:49Z to 2025-08-09 10:24:49Z - IsHttpsDevelopmentCertificate: true - IsExportable: true
[5] Invalid certificates: no certificates
[6] Finished listing certificates.
[1] Listing certificates from LocalMachine\My
[7] An error occurred while listing the certificates: System.Security.Cryptography.CryptographicException: Unix LocalMachine X509Store is limited to the Root and CertificateAuthority stores.
 ---> System.PlatformNotSupportedException: Unix LocalMachine X509Store is limited to the Root and CertificateAuthority stores.
   --- End of inner exception stack trace ---
   at Internal.Cryptography.Pal.StorePal.FromSystemStore(String storeName, StoreLocation storeLocation, OpenFlags openFlags)
   at System.Security.Cryptography.X509Certificates.X509Store.Open(OpenFlags flags)
   at Microsoft.AspNetCore.Certificates.Generation.CertificateManager.ListCertificates(StoreName storeName, StoreLocation location, Boolean isValid, Boolean requireExportable)
[8] Filtered certificates: 1 certificate
    1) 85401136598E5431084B7F11E2486FA96A65D658 - CN=localhost - Valid from 2024-08-09 10:24:49Z to 2025-08-09 10:24:49Z - IsHttpsDevelopmentCertificate: true - IsExportable: true
[9] Excluded certificates: no certificates
[14] Valid certificates: 1 certificate
    1) 85401136598E5431084B7F11E2486FA96A65D658 - CN=localhost - Valid from 2024-08-09 10:24:49Z to 2025-08-09 10:24:49Z - IsHttpsDevelopmentCertificate: true - IsExportable: true
[15] Selected certificate: 85401136598E5431084B7F11E2486FA96A65D658 - CN=localhost - Valid from 2024-08-09 10:24:49Z to 2025-08-09 10:24:49Z - IsHttpsDevelopmentCertificate: true - IsExportable: true
[23] Saving certificate '85401136598E5431084B7F11E2486FA96A65D658 - CN=localhost - Valid from 2024-08-09 10:24:49Z to 2025-08-09 10:24:49Z - IsHttpsDevelopmentCertificate: true - IsExportable: true' to /home/runner/.dotnet/Cincaporc.WebApp.AuthServer/openiddict.pfx with private key.
[25] Creating directory /home/runner/.dotnet/Cincaporc.WebApp.AuthServer.
[27] Writing the certificate to: /home/runner/.dotnet/Cincaporc.WebApp.AuthServer/openiddict.pfx.
A valid HTTPS certificate is already present.
The certificate was exported to /home/runner/.dotnet/Cincaporc.WebApp.AuthServer/openiddict.pfx

Perfect, this is already working for us. Thank you so much

We already solved the previous error, but now we get this new error, this happens when launching Application.Tests.

Cincaporc.WebApp.Adss.AdssAppServiceTests.CreateAsync Origen: AdsApplicationTests.cs línea 46 Duración: 1 ms

Mensaje:  Volo.Abp.AbpInitializationException : An error occurred during the initialize Volo.Abp.Modularity.OnPreApplicationInitializationModuleLifecycleContributor phase of the module Volo.Abp.BackgroundWorkers.Hangfire.AbpBackgroundWorkersHangfireModule, Volo.Abp.BackgroundWorkers.Hangfire, Version=6.0.1.0, Culture=neutral, PublicKeyToken=null: An exception was thrown while activating λ:Volo.Abp.Hangfire.AbpHangfireBackgroundJobServer -> λ:Hangfire.JobStorage.. See the inner exception for details. ---- Autofac.Core.DependencyResolutionException : An exception was thrown while activating λ:Volo.Abp.Hangfire.AbpHangfireBackgroundJobServer -> λ:Hangfire.JobStorage. -------- System.InvalidOperationException : JobStorage.Current property value has not been initialized. You must set it before using Hangfire Client or Server API.

Seguimiento de la pila:  ModuleManager.InitializeModules(ApplicationInitializationContext context) AbpApplicationBase.InitializeModules() AbpApplicationWithExternalServiceProvider.Initialize(IServiceProvider serviceProvider) AbpIntegratedTest1.ctor() WebAppTestBase1.ctor() WebAppApplicationTestBase.ctor() AdssAppServiceTests.ctor() línea 15 RuntimeType.CreateInstanceDefaultCtor(Boolean publicOnly, Boolean wrapExceptions) ----- Inner Stack Trace ----- ActivatorErrorHandlingMiddleware.Execute(ResolveRequestContext context, Action1 next) <>c__DisplayClass14_0.<BuildPipeline>b__1(ResolveRequestContext ctxt) ResolvePipeline.Invoke(ResolveRequestContext ctxt) RegistrationPipelineInvokeMiddleware.Execute(ResolveRequestContext context, Action1 next) <>c__DisplayClass14_0.<BuildPipeline>b__1(ResolveRequestContext ctxt) <>c__DisplayClass5_0.<Execute>b__0() LifetimeScope.CreateSharedInstance(Guid id, Func1 creator) LifetimeScope.CreateSharedInstance(Guid primaryId, Nullable1 qualifyingId, Func1 creator) SharingMiddleware.Execute(ResolveRequestContext context, Action1 next) <>c__DisplayClass14_0.<BuildPipeline>b__1(ResolveRequestContext ctxt) <>c__DisplayClass14_0.<BuildPipeline>b__1(ResolveRequestContext ctxt) CircularDependencyDetectorMiddleware.Execute(ResolveRequestContext context, Action1 next) <>c__DisplayClass14_0.<BuildPipeline>b__1(ResolveRequestContext ctxt) ResolvePipeline.Invoke(ResolveRequestContext ctxt) ResolveOperation.GetOrCreateInstance(ISharingLifetimeScope currentOperationScope, ResolveRequest request) ResolveOperation.ExecuteOperation(ResolveRequest request) ResolveOperation.Execute(ResolveRequest request) LifetimeScope.ResolveComponent(ResolveRequest request) ResolutionExtensions.TryResolveService(IComponentContext context, Service service, IEnumerable1 parameters, Object& instance) ResolutionExtensions.ResolveService(IComponentContext context, Service service, IEnumerable1 parameters) ResolutionExtensions.Resolve(IComponentContext context, Type serviceType, IEnumerable1 parameters) ResolutionExtensions.Resolve(IComponentContext context, Type serviceType) AutofacServiceProvider.GetRequiredService(Type serviceType) ServiceProviderServiceExtensions.GetRequiredService(IServiceProvider provider, Type serviceType) ServiceProviderServiceExtensions.GetRequiredService[T](IServiceProvider provider) HangfireBackgroundWorkerManager.StartAsync(CancellationToken cancellationToken) AbpBackgroundWorkersHangfireModule.OnPreApplicationInitializationAsync(ApplicationInitializationContext context) TaskExtensions.WaitAndUnwrapException(Task task) <>c__DisplayClass15_0.<Run>b__0(Task t) ContinuationTaskFromTask.InnerInvoke() <.cctor>b__272_0(Object obj) ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state) --- End of stack trace from previous location --- ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state) Task.ExecuteWithThreadLocal(Task& currentTaskSlot, Thread threadPoolThread) --- End of stack trace from previous location --- TaskExtensions.WaitAndUnwrapException(Task task) AsyncContext.Run(Func1 action) AsyncHelper.RunSync(Func1 action) AbpBackgroundWorkersHangfireModule.OnPreApplicationInitialization(ApplicationInitializationContext context) OnPreApplicationInitializationModuleLifecycleContributor.Initialize(ApplicationInitializationContext context, IAbpModule module) ModuleManager.InitializeModules(ApplicationInitializationContext context) ----- Inner Stack Trace ----- JobStorage.get_Current() <>c.<AddHangfire>b__1_0(IServiceProvider _) <>c__DisplayClass13_01.<TryAddSingletonChecked>b__0(IServiceProvider serviceProvider) <>c__DisplayClass3_0.<Register>b__0(IComponentContext context, IEnumerable1 parameters) DelegateActivator.ActivateInstance(IComponentContext context, IEnumerable1 parameters) DelegateActivator.<ConfigurePipeline>b__2_0(ResolveRequestContext ctxt, Action1 next) DelegateMiddleware.Execute(ResolveRequestContext context, Action1 next) <>c__DisplayClass14_0.<BuildPipeline>b__1(ResolveRequestContext ctxt) DisposalTrackingMiddleware.Execute(ResolveRequestContext context, Action1 next) <>c__DisplayClass14_0.<BuildPipeline>b__1(ResolveRequestContext ctxt) ActivatorErrorHandlingMiddleware.Execute(ResolveRequestContext context, Action`1 next)

Hi, We have already removed the login part from ABP in the Github Actions. Our license is on file appsettings.secrets.json. Now when we run the Github Actions in the migration part it shows us the following error: Error: Process completed with exit code 214.