Activities of "mogau.mokgabudi"
Thanks liangshiwei, I'll try the controller override method.
We're already using a policy for the other services and this allows us to check for the primary scope but also grant access if a child scope is permitted.
- ABP Framework version: v8.0.3
- UI Type: Angular
- Database System: EF Core (Oracle) / MongoDB
- Tiered (for MVC) or Auth Server Separated (for Angular): yes
- Exception message and full stack trace: None
- Steps to reproduce the issue: None
Hi guys, my team and I are planning to expose a few apis to external clients, and in doing so we want to limit certain apis using an OpenIddict scope. We've managed to successfully do this with our custom apis but having an issue the core abp apis.
These are some of them, we'd like to limit these apis using a scope. So only the application authorized can access these endpoints even if the authenticated user has the required roles /api/audit-logging/* /api/setting-management/* /api/file-management/*
Please assist
Regards, Mogau
Hi Masum,
Unfortunately I cannot change the abp angular code where the issue is, I have added an interceptor to remap those fields to mitigate the issue. Which version did you run a working version on?
- ABP Framework version: v7.2.3
- UI type: Angular
- DB provider: EF Core
- Tiered (MVC) or Auth Server Separated (Angular): no
- Exception message and stack trace:
- Steps to reproduce the issue:" Create a new solution with 2FA enabled, login, and once on the security code screen when you enter the code the OpenIddict request is rejected because of the wrong params casing
The wrong casing was sent by the security code service on angular
OpenIddict rejects the auth request because it can't find the relevant params for username and password (incorrect case sensitivity)
This breaks the 2FA flow because OpenIddict is rejecting the request Is it possible to override the security code service in the meantime?