Activities of "viswajwalith"

[liming.ma@volosoft.com] said: hi

Your Back office Web project has an indirect dependency on IdentityServer4

Please search code and remove it.

Hi, we made some changes to map all the claims received via token to claimsIdentity in "ConfigureServices" under web module file . After that change we are able to login and roles are showing as mapped but permissins are not mapping to the logged in user in backend.

If we check the permissions in JS we are able to see the proper permissions but not at backend so getting forbidden erros.

Please advise.

Note: We still using IdentityServer4 and if we are making callss to API via PostMan getting the data without any roles or permissions issues

            options.Events = new OpenIdConnectEvents
            {
                OnRemoteFailure = context =>
                {
                    Log.Information("Remote login failed: " + context.Failure?.Message);
                    return Task.CompletedTask;
                },
                OnTokenValidated = context =>
{
    Log.Information("Token validated!");

    var claimsIdentity = context.Principal.Identity as ClaimsIdentity;

    var idToken = context.ProtocolMessage.IdToken;
    var handler = new JwtSecurityTokenHandler();
    var token = handler.ReadJwtToken(idToken);

    foreach (var claim in token.Claims)
    {
        if (!claimsIdentity.HasClaim(c => c.Type == claim.Type && c.Value == claim.Value))
        {
            Log.Information($"Manually adding claim: {claim.Type} = {claim.Value}");
            claimsIdentity.AddClaim(claim);
        }
    }

    return Task.CompletedTask;
}
            };

It s not possible to send the code we may have the screenshare session to take this further.

Hi Maliming,

Sent you email.

Hi Maliming,

Sent you email.

Hi Maliming,

can you share your Email id.

Dear Maliming,

Is https://localhost:44321/ an Identity Server website? - No, It is not Identity server, it is Back office Web. Are you signed in by external login? - No

1. Check your user claims generation logic and ensure the sub claim is present and correctly mapped for the authenticated user. - sub claim is mapped for the authenticated user.
2. Review any custom profile service or claims transformation code to ensure it is not omitting the sub claim.- We did not implemented any custom logic.
3. If you are using custom login or external authentication providers, ensure they provide the sub claim in the identity token. - We did not implemented any custom logic and not using any external authentication providers

Can you please advise. as we dont want to change across multi servies and pages which have which is difficult to do

Thanks @berkansasmaz Please send the invite to srinivas.kazipeta@exceego.com and viswajwalith@exceego.com

[berkansasmaz] said: Hello 👋

If possible, please send your solution to support@abp.io, including the ticket number (#9445) in the subject or body of the email. So that I can help you faster.

---

Best regards, Berkan Şaşmaz Developer Advocate https://www.berkansasmaz.com

It s not possible to send the code we may have the screenshare session to take this further. Please advise