Hello, while my project is running smoothly through the IDE locally, when it is started with docker-compose it fails at the authentication stage and gives the following error.
docker compose logs -n 200 visaflowapp-api | egrep -i 'OpenIddict|IDX|issuer|aud|metadata|jwks|signature'
visaflowapp-api | Microsoft.IdentityModel.Tokens.SecurityTokenInvalidIssuerException: IDX10204: Unable to validate issuer. validationParameters.ValidIssuer is null or whitespace AND validationParameters.ValidIssuers is null or empty.
visaflowapp-api | at Microsoft.IdentityModel.Tokens.Validators.ValidateIssuerAsync(String issuer, SecurityToken securityToken, TokenValidationParameters validationParameters, BaseConfiguration configuration)
visaflowapp-api | at Microsoft.IdentityModel.Tokens.Validators.ValidateIssuer(String issuer, SecurityToken securityToken, TokenValidationParameters validationParameters, BaseConfiguration configuration)
visaflowapp-api | at Microsoft.IdentityModel.Tokens.InternalValidators.ValidateAfterSignatureFailed(SecurityToken securityToken, Nullable1 notBefore, Nullable
1 expires, IEnumerable`1 audiences, TokenValidationParameters validationParameters, BaseConfiguration configuration)
visaflowapp-api | at Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.ValidateSignature(JsonWebToken jwtToken, TokenValidationParameters validationParameters, BaseConfiguration configuration)
visaflowapp-api | at Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.ValidateSignatureAndIssuerSecurityKey(JsonWebToken jsonWebToken, TokenValidationParameters validationParameters, BaseConfiguration configuration)
visaflowapp-api | [22:03:50 INF] Bearer was not authenticated. Failure message: IDX10204: Unable to validate issuer. validationParameters.ValidIssuer is null or whitespace AND validationParameters.ValidIssuers is null or empty.
visaflowapp-api | [22:03:50 INF] Route matched with {area = "account", controller = "Profile", action = "Get", page = ""}. Executing controller action with signature System.Threading.Tasks.Task`1[Volo.Abp.Account.ProfileDto] GetAsync() on controller Volo.Abp.Account.ProfileController (Volo.Abp.Account.Pro.Public.HttpApi).
visaflowapp-api | at Volo.Abp.Auditing.AuditingInterceptor.ProceedByLoggingAsync(IAbpMethodInvocation invocation, AbpAuditingOptions options, IAuditingHelper auditingHelper, IAuditLogScope auditLogScope)
visaflowapp-api | at Volo.Abp.Auditing.AuditingInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
And This is my YML File
services:
visaflowapp-angular:
image: code35/visaflowapp-angular:latest
container_name: visaflowapp-angular
build:
context: ../../angular/
dockerfile: Dockerfile.local
ports:
- "4200:80"
depends_on:
- visaflowapp-api
volumes:
- ./dynamic-env.json:/usr/share/nginx/html/dynamic-env.json
networks:
- abp-network
restart: on-failure
oidc-meta-proxy:
image: nginx:alpine
container_name: oidc-meta-proxy
depends_on:
- visaflowapp-authserver
networks:
- abp-network
volumes:
- ./nginx.oidc.conf:/etc/nginx/conf.d/default.conf:ro
visaflowapp-api:
image: code35/visaflowapp-api:latest
container_name: visaflowapp-api
hostname: visaflowapp-api
build:
context: ../../src/CODE35.VisaFlowApp.HttpApi.Host/
dockerfile: Dockerfile.local
environment:
- ASPNETCORE_URLS=https://+:8081;http://+:8080;
- Kestrel__Certificates__Default__Path=/app/certs/localhost.pfx
- Kestrel__Certificates__Default__Password=faffff5e-cfd2-4d3c-b99c-9bfc3926e7c6
- App__SelfUrl=https://localhost:44360
- App__AngularUrl=http://localhost:4200
- App__CorsOrigins=http://localhost:4200
- App__HealthCheckUrl=http://visaflowapp-api:8080/health-status
- AuthServer__SwaggerClientId=VisaFlowApp_Swagger
- OpenIddict__Validation__Audience=VisaFlowApp
- OpenIddict__Validation__Issuer=https://localhost:44317/
- OpenIddict__Validation__MetadataAddress=http://visaflowapp-authserver:8080/.well-known/openid-configuration
- OpenIddict__Validation__DisableTransportSecurityRequirement=true
- ConnectionStrings__Default=Data Source=213.238.169.235;Database=code35_visaflow_devim;User Id=sa;Password=*********;TrustServerCertificate=True;
- Redis__Configuration=redis
- Logging__LogLevel__Default=Information
- Logging__LogLevel__Microsoft.IdentityModel=Debug
- Logging__LogLevel__OpenIddict=Debug
extra_hosts:
- "localhost:host-gateway"
- "host.docker.internal:host-gateway"
ports:
- "44360:8081"
depends_on:
redis:
condition: service_healthy
healthcheck:
test: ["CMD", "wget", "-qO-", "http://localhost:8080/health-status"]
interval: 10s
timeout: 3s
retries: 10
restart: on-failure
volumes:
- ./certs:/app/certs
- dpkeys:/root/.aspnet/DataProtection-Keys
networks:
- abp-network
visaflowapp-authserver:
image: code35/visaflowapp-authserver:latest
container_name: visaflowapp-authserver
build:
context: ../../src/CODE35.VisaFlowApp.AuthServer/
dockerfile: Dockerfile.local
environment:
- ASPNETCORE_URLS=https://+:8081;http://+:8080;
- App__SelfUrl=https://localhost:44317
- AuthServer__RequireHttpsMetadata=false
- App__CorsOrigins=http://localhost:4200,https://localhost:44360
- App__HealthCheckUrl=http://visaflowapp-authserver:8080/health-status
- AuthServer__Authority=https://localhost:44317/
- Kestrel__Certificates__Default__Path=/app/certs/localhost.pfx
- Kestrel__Certificates__Default__Password=faffff5e-cfd2-4d3c-b99c-9bfc3926e7c6
- ConnectionStrings__Default=Data Source=213.238.169.235;Database=code35_visaflow_devim;User Id=sa;Password=*********;TrustServerCertificate=True;
- Redis__Configuration=redis
- OpenIddict__Server__DisableTransportSecurityRequirement=true
ports:
- "44317:8081"
depends_on:
redis:
condition: service_healthy
healthcheck:
test: ["CMD", "wget", "-qO-", "http://localhost:8080/health-status"]
interval: 10s
timeout: 3s
retries: 10
restart: on-failure
volumes:
- ./certs:/app/certs
- dpkeys:/root/.aspnet/DataProtection-Keys
networks:
- abp-network
db-migrator:
image: code35/visaflowapp-db-migrator:latest
container_name: db-migrator
build:
context: ../../src/CODE35.VisaFlowApp.DbMigrator/
dockerfile: Dockerfile.local
environment:
- OpenIddict__Applications__VisaFlowApp_App__RootUrl=http://localhost:4200
- OpenIddict__Applications__VisaFlowApp_Swagger__RootUrl=https://localhost:44360
- ConnectionStrings__Default=Data Source=213.238.169.235;Database=code35_visaflow_devim;User Id=sa;Password=*********;TrustServerCertificate=True;
- Redis__Configuration=redis
restart: on-failure
networks:
- abp-network
redis:
container_name: redis
image: redis:alpine
ports:
- "6379:6379"
networks:
- abp-network
healthcheck:
test: ["CMD", "redis-cli", "ping"]
restart: on-failure
volumes:
dpkeys:
name: visaflowapp_dpkeys
driver: local
networks:
abp-network:
name: visaflowapp-network
driver: bridge