Activities of "liangshiwei"

And could you share the logs of account.abc.com?

Hi,

https://identityserver4.readthedocs.io/en/latest/endpoints/endsession.html#example

I think there is no problem, first, you should add the PostLogoutRedirectUri to the xyz.abc.com's identityserver client.

second, configure the RedirectAllowedUrls in the appsettings.json file.

Hi,

You can change the current tenant to get tenant data:

using(CurrentTenant.Change(tenantGuid))
{
    var saasKeyChain = await _saasKeyChainRepository.FindAsync(apiSecretKey);
    if(saasKeyChain == null)
    {
        throw new UserFriendlyException(.....);
    }
}

Hi,

Will it work if you configure the clockSkewInSec in environment file?

export const environment = {
  production: false,
  application: {
    baseUrl,
    name: 'MyProjectName',
    logoUrl: '',
  },
  oAuthConfig: {
    issuer: 'https://localhost:44305/',
    redirectUri: baseUrl,
    clientId: 'MyProjectName_App',
    responseType: 'code',
    scope: 'offline_access MyProjectName',
    requireHttps: true,
    clockSkewInSec: 100
  },
  apis: {
    default: {
      url: 'https://localhost:44305',
      rootNamespace: 'MyCompanyName.MyProjectName',
    },
  },
} as Environment;

Hi,

ABP uses angular-oauth2-oidc libary, you can check the code here: https://github.com/manfredsteyer/angular-oauth2-oidc/blob/f1d3c38bdc77b37a21df2e63f8cbe40eadfc6152/projects/lib/src/oauth-service.ts#L2268-L2279

Hi,

The problem has been fixed in the 7.4.4 version, could you upgrade your cli&suite and try again?

Hi,

The problem should be fixed in the patch version, could you upgrade your suite&cli version and try again?

Hi,

Or you mind to explain about the multi-tenant data isolation?

Ok, if the entity implements a IMultiTenant interface. a tenant(and host) can not access to data of another tenant by default.

https://docs.abp.io/en/abp/latest/Multi-Tenancy#imultitenant

You can check the TenantId value in the database table record.

According to your case, the ApiSecret 3a0f98fc-179f..... 's TenantId should be 3a0f9797-934e-16b0....

Hi,

I guess it may be due to multi-tenant data isolation.

You can check it by debugging or outputting logs:

Guid tenantGuid = ....;
logger.LogInformation($"------  TenantGuid is {tenantGuid}");
using(CurrentTenant.Change(tenantGuid))
{
    var apiSecretKey = Guid.Parse(request.ApiSecretKey);
    logger.LogInformation($"------  ApiSecretKey is {apiSecretKey}");
    var saasKeyChain = await _saasKeyChainRepository.FindAsync(apiSecretKey);
    if(saasKeyChain == null)
    {
        throw new UserFriendlyException(.....);
    }
}

We will fix the problem in the next patch version, your ticket was refunded.