Hello maliming, thanks for the link. But can you help me more precisely with what classes I have to extend? E.g., regarding point 1, I got one answer
An admin user registers a new user
A user self-registers
A user logs in for the first time via LDAP/AzureAD (user registration is an inbuilt process if the user doesn't exist)
A role is assigned to or removed from the user
No Problem maliming. Issue resolved after fresh build.
Sorry maliming, I could not understand.
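.AddOpenIdConnect("AzureOpenId", "Azure AD OpenId", options =>
{
    // Tenant-specific Azure AD authority
    options.Authority = "https://login.microsoftonline.com/" + configuration["AzureAd:TenantId"];
    options.ClientId = configuration["AzureAd:ClientId"];
    // Hybrid flow: the authorization code is redeemed at the token endpoint using the client secret
    options.ResponseType = OpenIdConnectResponseType.CodeIdToken;
    options.CallbackPath = configuration["AzureAd:CallbackPath"];
    options.ClientSecret = configuration["AzureAd:ClientSecret"];
    // Allows metadata to be fetched without HTTPS; a development-only setting
    options.RequireHttpsMetadata = false;
    // Stores the returned tokens in the authentication properties
    options.SaveTokens = true;
    options.GetClaimsFromUserInfoEndpoint = true;
    options.Scope.Add("email");
    // Map the "sub" claim to the NameIdentifier claim type
    options.ClaimActions.MapJsonKey(ClaimTypes.NameIdentifier, "sub");
});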
To me it seems to be a CORS issue.
Just to update: only the Identity Server login is working fine, but when going from the Angular UI to the Identity UI it breaks.
Please share the email ID.
Getting the below error in the log:
2021-12-21 13:40:29.501 +05:30 [INF] CORS policy execution failed.
2021-12-21 13:40:29.501 +05:30 [INF] Request origin https://login.microsoftonline.com does not have permission to access the resource.
2021-12-21 13:40:30.811 +05:30 [ERR] Message contains error: 'invalid_client', error_description: 'AADSTS7000218: The request body must contain the following parameter: 'client_assertion' or 'client_secret'. Trace ID: 3b2ea9b0-9960-46a4-8c5b-8ceae36e1a00 Correlation ID: d1884fb2-ab78-4e7a-8c35-cc9d54aee141 Timestamp: 2021-12-21 08:10:58Z', error_uri: 'https://login.microsoftonline.com/error?code=7000218', status code '401'.
2021-12-21 13:40:30.812 +05:30 [ERR] Exception occurred while processing message.
Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectProtocolException: Message contains error: 'invalid_client', error_description: 'AADSTS7000218: The request body must contain the following parameter: 'client_assertion' or 'client_secret'. Trace ID: 3b2ea9b0-9960-46a4-8c5b-8ceae36e1a00 Correlation ID: d1884fb2-ab78-4e7a-8c35-cc9d54aee141 Timestamp: 2021-12-21 08:10:58Z', error_uri: 'https://login.microsoftonline.com/error?code=7000218'.
   at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.RedeemAuthorizationCodeAsync(OpenIdConnectMessage tokenEndpointRequest)
   at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleRemoteAuthenticateAsync()
2021-12-21 13:40:30.813 +05:30 [INF] Error from RemoteAuthentication: Message contains error: 'invalid_client', error_description: 'AADSTS7000218: The request body must contain the following parameter: 'client_assertion' or 'client_secret'. Trace ID: 3b2ea9b0-9960-46a4-8c5b-8ceae36e1a00 Correlation ID: d1884fb2-ab78-4e7a-8c35-cc9d54aee141 Timestamp: 2021-12-21 08:10:58Z', error_uri: 'https://login.microsoftonline.com/error?code=7000218'..
2021-12-21 13:40:30.814 +05:30 [ERR] An unhandled exception has occurred while executing the request.
System.Exception: An error was encountered while handling the remote login.
 ---> Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectProtocolException: Message contains error: 'invalid_client', error_description: 'AADSTS7000218: The request body must contain the following parameter: 'client_assertion' or 'client_secret'. Trace ID: 3b2ea9b0-9960-46a4-8c5b-8ceae36e1a00 Correlation ID: d1884fb2-ab78-4e7a-8c35-cc9d54aee141 Timestamp: 2021-12-21 08:10:58Z', error_uri: 'https://login.microsoftonline.com/error?code=7000218'.
   at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.RedeemAuthorizationCodeAsync(OpenIdConnectMessage tokenEndpointRequest)
   at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleRemoteAuthenticateAsync()
   --- End of inner exception stack trace ---
   at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler`1.HandleRequestAsync()
   at IdentityServer4.Hosting.FederatedSignOut.AuthenticationRequestHandlerWrapper.HandleRequestAsync()
   at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
   at Volo.Abp.AspNetCore.Tracing.AbpCorrelationIdMiddleware.InvokeAsync(HttpContext context, RequestDelegate next)
   at Microsoft.AspNetCore.Builder.UseMiddlewareExtensions.<>c__DisplayClass6_1.<
Thanks a lot @gvnuysal, @maliming
Thanks maliming. Issue solved. Problem lies here:
if (!hostingEnvironment.IsDevelopment())
{
    ConnectionMultiplexer redis = ConnectionMultiplexer.Connect(configuration["Redis:Configuration"]);
    context.Services
        .AddDataProtection()
        .PersistKeysToStackExchangeRedis(redis, "EzpandCC-Protection-Keys")
        .SetApplicationName("MVC");
}
Comment out the if statement so that the keys can be persisted.
I could not understand which step to follow. Anyway, I followed the step "It works for me after SetApplicationName", but I am still getting the same issue.