hi
the production env gives me this error
Can you share your EncryptionAndSigningCertificate code?
if (!hostingEnvironment.IsDevelopment())
{
PreConfigure<AbpOpenIddictAspNetCoreOptions>(options =>
{
options.AddDevelopmentEncryptionAndSigningCertificate = false;
});
PreConfigure<OpenIddictServerBuilder>(serverBuilder =>
{
serverBuilder.AddProductionEncryptionAndSigningCertificate("openiddict.pfx", configuration["AuthServer:CertificatePassPhrase"]!);
serverBuilder.SetIssuer(new Uri(configuration["AuthServer:Authority"]!));
});
}
hi
Can you test this PR with your actual link users data?
https://github.com/abpframework/abp/pull/23929
Thanks
hi
The source code ofconnect/token is in the OpenIddict library, and it is not a single endpoint. It has many handlers.
Thanks.
hi
Please set your log level to Debug and share the full logs.txt to liming.ma@volosoft.com
see https://abp.io/support/questions/8622/How-to-enable-Debug-logs-for-troubleshoot-problems
Thanks.
hi
Can you check and share the logs.txt of https://trust.itotem.io website?
Thanks.
hi
Can you check the network panel in your browser(Angular app)? The browser might have canceled this request(https://localhost:44348/api/abp/application-configuration?includeLocalizationResources=false).
that this error has appeared very rarely in v8.x and now - every time I invoke a request.
Can you call this endpoint in curl instead of a browser?
Thanks.
hi
We will address this issue in the next version.
Thanks.
hi dhill
Thanks for the solution. I will re-review some of this code to support all databases and a large number of linked users across tenants.
Your ticket has been refunded.
For SQL Server, you can use Recursive CTE Implementation to override the default queries.
Does this repository experience a lot of changes that we need to closely track?
This repository method will basically not change.
I will find a better way to address it.
Thanks.
hi
Try to change your oidc ProtocolMessage as below in production environment.
.AddAbpOpenIdConnect("oidc", options =>
{
//options.
options.Events.OnRedirectToIdentityProvider = redirectContext =>
{
redirectContext.ProtocolMessage.RedirectUri = "https://emeraldhealthcare.us/signin-oidc";
return Task.CompletedTask;
};
options.Events.OnRedirectToIdentityProviderForSignOut = redirectContext =>
{
redirectContext.ProtocolMessage.PostLogoutRedirectUri = "https://emeraldhealthcare.us/signout-callback-oidc";
return Task.CompletedTask;
};
})
hi
When you call AddSigningCertificate(certificate) with a specific X509Certificate2 object, OpenIddict uses it directly without validating expiration dates
Can you share the document url?
Thanks.
