I get this Exception in the log I think it is start appear fter using EventBusKafkaModule
I have one function that assign permission to one user using PermissionGrant repository I am facing the issue that permission added to db but when user is logged in he didn't have permission on Ui and I thinl the problem from redis cache
the image show the addPermission function
how I can reset the Cache related to one module in Abp, permission module and other modules if we faced same issue
Hi,
I see that the endpoint api/abp/application-configuration is retrieving a punch of data even though the user is not authenticated
I do understand that it's meant to be public, but it's exposing unnecessary data like (Password policy, Lockout Policy, SignIn.RequireConfirmedEmail, multiTenancy status, AuditLogging.Enable, LanguageManagement.Enable, Account.EnableLdapLogin, Identity.EnableOAuthLogin )
is there a way to secure those ? maybe disabling them or making them available after authentication ? is this doable and is it gonna affect/breaks the front end application ?
i checked this article on how to extend them but can't seem to find a link in the docs about customizing that endpoint
Thanks
We get this Exception on production when seed OpenIdDict started couldn't execute this function (Abp function) FindByClientIdAsync(String clientId, CancellationToken cancellationToken)
[06:51:09 FTL] Host terminated unexpectedly!
Volo.Abp.AbpInitializationException: An error occurred during the initialize Volo.Abp.Modularity.OnApplicationInitializationModuleLifecycleContributor phase of the module NanoPBMNeo.NanoPBMNeoHttpApiHostModule, NanoPBMNeo.HttpApi.Host, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null: One or more errors occurred. (JsonObjectCreationHandling.Populate is incompatible with reference handling.). See the inner exception for details.
---> System.AggregateException: One or more errors occurred. (JsonObjectCreationHandling.Populate is incompatible with reference handling.)
---> System.InvalidOperationException: JsonObjectCreationHandling.Populate is incompatible with reference handling.
at System.Text.Json.ThrowHelper.ThrowInvalidOperationException_ObjectCreationHandlingPropertyCannotAllowReferenceHandling()
at System.Text.Json.Serialization.Metadata.JsonPropertyInfo.DetermineEffectiveObjectCreationHandlingForProperty()
at System.Text.Json.Serialization.Metadata.JsonPropertyInfo.Configure()
at System.Text.Json.Serialization.Metadata.JsonTypeInfo.ConfigureProperties()
at System.Text.Json.Serialization.Metadata.JsonTypeInfo.Configure()
at System.Text.Json.Serialization.Metadata.JsonTypeInfo.<EnsureConfigured>g__ConfigureSynchronized|172_0()
at System.Text.Json.JsonSerializerOptions.GetTypeInfoInternal(Type type, Boolean ensureConfigured, Nullable`1 ensureNotNull, Boolean resolveIfMutable, Boolean fallBackToNearestAncestorType)
at System.Text.Json.Serialization.Metadata.JsonPropertyInfo.Configure()
at System.Text.Json.Serialization.Metadata.JsonTypeInfo.ConfigureProperties()
at System.Text.Json.Serialization.Metadata.JsonTypeInfo.Configure()
at System.Text.Json.Serialization.Metadata.JsonTypeInfo.<EnsureConfigured>g__ConfigureSynchronized|172_0()
at System.Text.Json.JsonSerializerOptions.GetTypeInfoInternal(Type type, Boolean ensureConfigured, Nullable`1 ensureNotNull, Boolean resolveIfMutable, Boolean fallBackToNearestAncestorType)
at System.Text.Json.JsonSerializerOptions.GetTypeInfoForRootType(Type type, Boolean fallBackToNearestAncestorType)
at System.Text.Json.JsonSerializer.Deserialize(String json, Type returnType, JsonSerializerOptions options)
at Volo.Abp.Json.SystemTextJson.AbpSystemTextJsonSerializer.Deserialize(Type type, String jsonString, Boolean camelCase)
at Volo.Abp.Caching.Utf8JsonDistributedCacheSerializer.Deserialize[T](Byte[] bytes)
at Volo.Abp.Caching.DistributedCache`2.GetAsync(TCacheKey key, Nullable`1 hideErrors, Boolean considerUow, CancellationToken token)
at Volo.Abp.Caching.DistributedCache`2.GetOrAddAsync(TCacheKey key, Func`1 factory, Func`1 optionsFactory, Nullable`1 hideErrors, Boolean considerUow, CancellationToken token)
at Volo.Abp.OpenIddict.Applications.AbpOpenIddictApplicationCache.FindByClientIdAsync(String clientId, CancellationToken cancellationToken)
at OpenIddict.Core.OpenIddictApplicationManager`1.FindByClientIdAsync(String identifier, CancellationToken cancellationToken)
at OpenIddict.Core.OpenIddictApplicationManager`1.OpenIddict.Abstractions.IOpenIddictApplicationManager.FindByClientIdAsync(String identifier, CancellationToken cancellationToken)
at Nano_NanoPBMNeo.OpenIddict.OpenIddictDataSeedContributor.CreateApplicationAsync(String name, String type, String consentType, String displayName, String secret, List`1 grantTypes, List`1 scopes, String redirectUri, String postLogoutRedirectUri, List`1 permissions, String clientUri, String logoUri) in /app/src/NanoPBMNeo.Domain/OpenIddict/OpenIddictDataSeedContributor.cs:line 210
at Nano_NanoPBMNeo.OpenIddict.OpenIddictDataSeedContributor.CreateApplicationsAsync() in /app/src/NanoPBMNeo.Domain/OpenIddict/OpenIddictDataSeedContributor.cs:line 89
at Nano_NanoPBMNeo.OpenIddict.OpenIddictDataSeedContributor.SeedAsync(DataSeedContext context) in /app/src/NanoPBMNeo.Domain/OpenIddict/OpenIddictDataSeedContributor.cs:line 48
at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous(IInvocation invocation, IInvocationProceedInfo proceedInfo)
at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapter.ProceedAsync()
at Volo.Abp.Uow.UnitOfWorkInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync(IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
at NanoPBMNeo.Data.Seeders.SeederService.Seed() in /app/src/NanoPBMNeo.Domain/Data/Seeders/Services/SeederService.cs:line 96
at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous(IInvocation invocation, IInvocationProceedInfo proceedInfo)
at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapter.ProceedAsync()
at Volo.Abp.Uow.UnitOfWorkInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync(IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
--- End of inner exception stack trace ---
at System.Threading.Tasks.Task.ThrowIfExceptional(Boolean includeTaskCanceledExceptions)
at System.Threading.Tasks.Task.Wait(Int32 millisecondsTimeout, CancellationToken cancellationToken)
at System.Threading.Tasks.Task.Wait()
at NanoPBMNeo.NanoPBMNeoHttpApiHostModule.OnApplicationInitialization(ApplicationInitializationContext context) in /app/src/NanoPBMNeo.HttpApi.Host/NanoPBMNeoHttpApiHostModule.cs:line 360
at Volo.Abp.Modularity.AbpModule.OnApplicationInitializationAsync(ApplicationInitializationContext context)
at Volo.Abp.Modularity.OnApplicationInitializationModuleLifecycleContributor.InitializeAsync(ApplicationInitializationContext context, IAbpModule module)
at Volo.Abp.Modularity.ModuleManager.InitializeModulesAsync(ApplicationInitializationContext context)
--- End of inner exception stack trace ---
at Volo.Abp.Modularity.ModuleManager.InitializeModulesAsync(ApplicationInitializationContext context)
at Volo.Abp.AbpApplicationBase.InitializeModulesAsync()
at Volo.Abp.AbpApplicationWithExternalServiceProvider.InitializeAsync(IServiceProvider serviceProvider)
at Microsoft.AspNetCore.Builder.AbpApplicationBuilderExtensions.InitializeApplicationAsync(IApplicationBuilder app)
We are building a client-facing SaaS application using ABP Framework. Some of our clients are able to detect that our system is based on ABP because of the following identifiers in the Angular app:
Endpoints (for examples )
/api/abp/application-configuration
/api/abp/application-localization
We would like to rename the controller prefix so that it uses our company’s namespace instead of abp.
Static Files
The Angular app references abp-bundle.css (see screenshot attached).
1- What is the recommended way to override/replace the controller name or route prefix for the built-in ABP Application Configuration and Localization endpoints and all abp end points ?
2- How can we change the generated CSS bundle name (currently abp-bundle.css) so it uses a custom prefix (e.g., company-bundle.css)?
Is there an officially supported approach to globally replace abp in exposed API routes, static files, and headers while keeping ABP updates compatible?
Environment: ABP latest version, separated Auth, angular App and . .NET9 host APi
We are deploying our ABP-based application using two microservices in Kubernetes: an Auth Server and a Host API.
In the Host API, we configure JWT authentication using AddAbpJwtBearer() with Authority and MetadataAddress pointing to the internal service address of the Auth Server , like so:
context.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme) .AddAbpJwtBearer(options => { options.Authority = configuration["AuthServer:Authority"]; options.MetadataAddress = configuration["AuthServer:MetaAddress"]!.EnsureEndsWith('/') + ".well-known/openid-configuration"; options.RequireHttpsMetadata = configuration.GetValue<bool>("AuthServer:RequireHttpsMetadata"); options.Audience = configuration["AuthServer:Audience"]; });
Problem:
Although the token is successfully returned after login, it fails validation in the Host API.
We receive this error when ValidateIssuer is enabled:
IDX10204: Unable to validate issuer. validationParameters.ValidIssuer is null or whitespace AND validationParameters.ValidIssuers is null. When setting ValidateIssuer = false options.TokenValidationParameters = new TokenValidationParameters { ValidateIssuer = false, / or true with the correct issuer not working also
});
We then get: IDX10500: Signature validation failed. No security keys were provided to validate the signature. Even after setting
ValidateIssuerSigningKey = false,
token validation still fails, and no response is returned from the API. The Angular app remains stuck after login, and Swagger also returns unauthorized.
so, how to use MetadataAddress as an inner address and validate the token
we couldn't upload our code because it is a restricted environment
Hello, We need to add Authentication to the AbpHangfireDashboard We are using abp separated auth , API and angular I follow the documnetation to add Cooki Authorization context.Services.AddAuthentication() .AddCookie("Cookies") .AddOpenIdConnect("oidc", options => { options.Authority = configuration["AuthServer:Authority"]; options.RequireHttpsMetadata = configuration.GetValue<bool>("AuthServer:RequireHttpsMetadata"); options.ResponseType = OpenIdConnectResponseType.CodeIdToken;
options.ClientId = configuration["AuthServer:ClientId"];
options.ClientSecret = configuration["AuthServer:ClientSecret"];
options.UsePkce = true;
options.SaveTokens = true;
options.GetClaimsFromUserInfoEndpoint = true;
options.Scope.Add("roles");
options.Scope.Add("email");
options.Scope.Add("phone");
options.Scope.Add("MyProjectName");
});
but when I run the project give me this Error error:invalid_request error_description:The specified 'redirect_uri' is not valid for this client application. error_uri:https://documentation.openiddict.com/errors/ID2043 culture:en ui-culture:en
Kindly provide me with all client setting because the documentation didn't mention about the client settings or grant type in order to Authenticate the /hangefire
We need to add new language to our system (Croatia) we create the resource file and add our application resources but for abp module how we can add new language resource file or values to each module? for example identity module
ABP Auth Server Integration Issue
The problem description : I have an ABP Auth Server application with MSSQL database. My ABP HostApi created in another solution with PostgreSQL database. I am trying to link the Host Api with the Auth server by add the connection string of auth app in the Appsetting file of host Api , after adjust the link of the Auth server inside the appsetting file. the behavior of the api always use the PostgreSQL source as shown in image . Note: Auth Server using ABP 9.0.0 , and API Host using ABP 9.1.0
How I implemented it: 1- add the modules connection strings in appsettings as shown
with out any changes in EntityFrameWorkCore module, the result not work.
2- Override the dB context with specific SQL provider , also not work
3- I tired to use grouping connection string, also not work
Hi ABP Support,
We are enterprise subscribers, and we’ve invested in the ABP platform to build a distributed microservice system. However, we are currently finding that the default microservice template promotes tight coupling through shared libraries, project references, and centralized DB access—particularly regarding the Identity module.
We need your architectural guidance and possibly a working sample for:
How can we fully decouple all services so that each microservice is independently buildable, testable, package, and deployable, using only REST/gRPC or messaging for communication?
