hi
I don't see why they should match. Please can you explain more?
This is a rule to validate a token, the server will get the issuer from the token and get the host from the HTTP context. eventually try to match them.
1. You can try to set the issuer and reissue a token.
serverBuilder.SetIssuer(new Uri("https://localhost/"));
public override void PreConfigureServices(ServiceConfigurationContext context)
{
var hostingEnvironment = context.Services.GetHostingEnvironment();
var configuration = context.Services.GetConfiguration();
PreConfigure<OpenIddictBuilder>(builder =>
{
builder.AddValidation(options =>
{
options.AddAudiences("MyProjectName");
options.UseLocalServer();
options.UseAspNetCore();
});
});
if (!hostingEnvironment.IsDevelopment())
{
PreConfigure<AbpOpenIddictAspNetCoreOptions>(options =>
{
options.AddDevelopmentEncryptionAndSigningCertificate = false;
});
PreConfigure<OpenIddictServerBuilder>(serverBuilder =>
{
serverBuilder.AddProductionEncryptionAndSigningCertificate("openiddict.pfx", "00000000-0000-0000-0000-000000000000");
serverBuilder.SetIssuer(new Uri(configuration["AuthServer:Authority"]!));
});
}
}
You can configure the TokenValidationParameters to disable to match the issuer and host.
or add https://localhost/ and https://localhost/auth to validissuers
https://learn.microsoft.com/en-us/dotnet/api/microsoft.identitymodel.tokens.tokenvalidationparameters.validissuer?view=msal-web-dotnet-latest#microsoft-identitymodel-tokens-tokenvalidationparameters-validissuer
https://learn.microsoft.com/en-us/dotnet/api/microsoft.identitymodel.tokens.tokenvalidationparameters.validissuers?view=msal-web-dotnet-latest#microsoft-identitymodel-tokens-tokenvalidationparameters-validissuers
hi
Can you share the code that creates SglBaseProject_Web?
You need the OpenIddictConstants.GrantTypes.Password
https://github.com/abpframework/abp/blob/dev/templates/app/aspnet-core/src/MyCompanyName.MyProjectName.Domain/OpenIddict/OpenIddictDataSeedContributor.cs#L122-L125
hi
The 8923ECD9CC3A022B71E966D19950185C is the md5 of scripts content.
So, it should be the same for all instances.
hi
My goal is use my openId provider for host but not all tenant can use it if a tenant need it can set it up on administration area.
You can override the ExternalProviderSettingsHelper to implement this.
abp/account/src/Volo.Abp.Account.Pro.Shared.Application/Volo/Abp/Account/ExternalProviders/ExternalProviderSettingsHelper.cs
Download the account pro module to check its source code.
hi franciscokadzi
Can you share a simple project?
liming.ma@volosoft.com
Thanks
hi
You can add a tenantid parameter to the methods.
BackgroundJob.Schedule(() => CleanUpMediaMedBridge(tenantid), TimeSpan.FromHours(4));
public async Task CleanUpMediaMedBridge(Guid? tenantid)
{
//https://docs.abp.io/en/abp/latest/Multi-Tenancy#change-the-current-tenant
}
The CleanUpMediaMedBridge method is called by hangfire. So it will lose all context.
hi
Please share the logs.txt
liming.ma@volosoft.com
Thanks
hi
What's the ReturnUrl value of emailArgs?
var emailArgs = new SendEmailConfirmationTokenDto
{
AppName = "MVC",
ReturnUrl = ReturnUrl,
ReturnUrlHash = ReturnUrlHash,
UserId = user.Id,
};
hi
I didn't receive the logs. Can you share it by https://wetransfer.com/ liming.ma@volosoft.com
Thanks
hi
Can you share a simple project to reproduce?
liming.ma@volosoft.com
