Hi
You can see as below images.
Hi
I used AbpHttpClientIdentityModelWebModule as you said then IAbpAccessTokenProvider was changed as below.
The null value is likely due to me disabling cookies in Authentication. However, when I enable cookies, even though authentication is successful, it appears as if the session has never been opened on the client side. The login button remains on the screen. When I check /api/abp/application-configuration, it appears as unauthenticated.
private void ConfigureAuthentication(ServiceConfigurationContext context, IConfiguration configuration)
{
//context.Services.ForwardIdentityAuthenticationForBearer(OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme);
context.Services.AddAuthentication()
//(options =>
//{
// options.DefaultScheme = "Cookies";
// options.DefaultChallengeScheme = "oidc";
//})
//.AddCookie("Cookies", options =>
//{
// options.ExpireTimeSpan = TimeSpan.FromDays(365);
// options.CheckTokenExpiration();
//})
.AddAbpOpenIdConnect("oidc", "XCore", options =>
{
options.Authority = configuration["XAuthAuthServer:Authority"];
options.RequireHttpsMetadata = configuration.GetValue<bool>("XAuthAuthServer:RequireHttpsMetadata");
options.ResponseType = OpenIdConnectResponseType.CodeIdToken;
options.ClientId = configuration["XAuthAuthServer:ClientId"];
options.ClientSecret = configuration["XAuthAuthServer:ClientSecret"];
options.UsePkce = true;
options.SaveTokens = true;
options.GetClaimsFromUserInfoEndpoint = true;
options.Scope.Add("roles");
options.Scope.Add("email");
options.Scope.Add("phone");
options.Scope.Add("XCore");
//options.SignInScheme = IdentityConstants.ExternalScheme;
});
context.Services.Configure<AbpClaimsPrincipalFactoryOptions>(options =>
{
options.IsDynamicClaimsEnabled = false;
});
}
To start from the beginning, I want to use XCore's ApplicationContracts within XSingle (Single non-tiered and with DynamicProxy).
How can the XSingle application automatically obtain a token (for ClientId) from the XCore application and automatically add it to every request sent from XSingle to the interfaces in XCore?
Or
Can it generate and provide a user-based token specific to the XSingle user?
By the way, identity verification is the XAuth application for each application.
How can I use IAbpAccessTokenProvider for HttpContext ?
Hello, I'm trying to do exactly that. In the XCore project from my previous question, the Web layer passed to the Host layer and then to the XAuth project. These two projects (XSingle1, XSingle2) provide authorization with XAuth and obtain tokens to work within themselves. So far, I've connected using the Dynamic Proxy method. However, I'm confused about the authorization. In the XSingle1 project, user A needs to continuously send and receive requests to the XCore (Host) project. Here, a user-specific XCore token is required. Is there an easy way to do this?
Hello, You may recall that I previously had a question regarding the operation of the XCore and XAuth projects for a different issue. You were helpful there. (Ref: Configuration-of-authentication-and-authorization-server-and-client-projects ) In this question, there are actually two single-layer projects. One will use XAuth for access, and the other is a public project. I wanted to use the services within XCore in these two single-layer projects.
I will be using the endpoints from my Abp 9.3.5 MVC Tiered project in an Abp 9.3.5 MVC Single layer project. Is it possible to add the HttpApi.Client layer from the Tiered project to the Single Layer project? Can I use the endpoints here in the same way I used them in the Web layer of the Tiered project? What should I pay attention to in this regard? I would appreciate it if you could also answer how to make an authorized request.
hi
Thank you for your patience and support. We can close this matter.
Thank you.
Hello,
I reviewed the code in your article and created a TokenExtensionGrant class. Within this class, I used HttpClient to handle SSO and generated a token for the Core system. This code is currently working. I updated the code on GitHub. Should I have taken a different approach?
Thank you
Hi
I reset the database and recreated the users. When I create a user on the XXXAuth side and access this user via XXXCore, the Sign Up option creates a user record in the local database, and the password field for this record is naturally left blank. When I request a token for a normal user from the /connect/token endpoint for XXXCore, I naturally get a username or password error. I even tried copying the admin user's password to a normal user in the database, and it worked.
Is there any endpoint, definition, or parameter for obtaining a token via the API?
Alternatively, if the incoming user information passes verification on the XXXAuth side, would it be feasible to generate and return a new token for XXXCore by following the article at the link below? https://abp.io/community/articles/how-to-add-a-custom-grant-type-in-openiddict.-6v0df94z#gsc.tab=0
[maliming] said: The auth website is just like Google
You should obtain a token from the core website.
I will clean the database and try to obtain a token from Core using a normal user again. Perhaps there is something missing in the database. Thanks.
