Good news.
Your AuthServer project
PreConfigure<OpenIddictServerBuilder>(builder =>
{
builder.RemoveEventHandler(OpenIddictServerHandlers.Session.ValidateAuthorizedParty.Descriptor);
builder.AddEventHandler(AbpValidateAuthorizedParty.Descriptor);
}
using Microsoft.Extensions.Options;
using OpenIddict.Abstractions;
using OpenIddict.Server;
using Volo.Abp;
using Volo.Abp.OpenIddict.WildcardDomains;
using Volo.Abp.Text.Formatting;
namespace OpenIddict.Demo.Server;
public class AbpValidateAuthorizedParty : IOpenIddictServerHandler<OpenIddictServerEvents.ValidateLogoutRequestContext>
{
public static OpenIddictServerHandlerDescriptor Descriptor { get; }
= OpenIddictServerHandlerDescriptor.CreateBuilder<OpenIddictServerEvents.ValidateLogoutRequestContext>()
.UseScopedHandler<AbpValidateAuthorizedParty>()
.SetOrder(OpenIddictServerHandlers.Session.ValidateToken.Descriptor.Order + 1_000)
.SetType(OpenIddictServerHandlerType.BuiltIn)
.Build();
protected AbpOpenIddictWildcardDomainOptions WildcardDomainOptions { get; }
protected IOpenIddictApplicationManager ApplicationManager { get; }
public AbpValidateAuthorizedParty(IOptions<AbpOpenIddictWildcardDomainOptions> wildcardDomainOptions,IOpenIddictApplicationManager applicationManager)
{
WildcardDomainOptions = wildcardDomainOptions.Value;
ApplicationManager = applicationManager;
}
public async ValueTask HandleAsync(OpenIddictServerEvents.ValidateLogoutRequestContext context)
{
Check.NotNull(context, nameof(context));
Check.NotNull(context.IdentityTokenHintPrincipal, nameof(context.IdentityTokenHintPrincipal));
if (await CheckWildcardDomainAsync(context.PostLogoutRedirectUri))
{
return;
}
await new OpenIddictServerHandlers.Session.ValidateAuthorizedParty(ApplicationManager).HandleAsync(context);
}
protected virtual Task<bool> CheckWildcardDomainAsync(string url)
{
foreach (var domainFormat in WildcardDomainOptions.WildcardDomainsFormat)
{
var extractResult = FormattedStringValueExtracter.Extract(url, domainFormat, ignoreCase: true);
if (extractResult.IsMatch)
{
return Task.FromResult(true);
}
}
foreach (var domainFormat in WildcardDomainOptions.WildcardDomainsFormat)
{
if (domainFormat.Replace("{0}.", "").Equals(url, StringComparison.OrdinalIgnoreCase))
{
return Task.FromResult(true);
}
}
return Task.FromResult(false);
}
}
This PR will fix the The logout request was rejected because the identity token used as a hint was issued to a different client.
https://github.com/abpframework/abp/pull/15898
I will share a solution in 7.0.3, wait a minute.
hi
Can I reproduce the problem locally?
hi
Please share your full code to reproduce the error. liming.ma@volosoft.com
hi
I don't think the following is working:
Have you tried it? This is the correct way to do it now. And I believe it will work.
Is it necessary to always run DB Migrator?
You need to use Migrator to create a new database.
https://docs.abp.io/en/abp/latest/Entity-Framework-Core-Migrations
By doing this, the database is successfully created,
Please undo this.
hi
Rename EfCoreReferenceDataRepository to EfCoreTempReferenceDataRepository
