Activities of "andmattia"

Hi @ismcagdas

yes it's correct. Consider that our solution (now has more or less 96 project). On this large solution we have 6 "service" already defined with their own DBContext and table so we have (core,app,shared,web for each service). We are moving to ABP.IO and to do that our path could be move one "service" into a ABP.IO microservice (we no that have some limitation (es. we can use only sync method beacuse RabbitMQ is not available on ANZ)).

Like has you suggest out path is:

• allow ABP.IO to authenticate via IS on ANZ and we did it only for authcode for now (I'm testing user but I get en infinite loop)
• move a service in an ABP.IO module (or more)

So our open point still:

• data comunication from to service
• SSO from ABP.IO -> ANZ with user credential

For this reason I've create this 2 empty project to create an internla POC a prepare the guide line to implement our pattern.

Our goal could be deploy different service / UI that it use ANZ for authentication (more or less that you do on public web site, support and commercial on ABP.IO) mixing ANZ and ABP.IO.

So now we can share access from ANZ & ABP.IO (at the moment only via authentication_code in next day we check different auth mode).

Now wich is the best approce to share "data" ANZ is monolityc ABP is modular supose we develop a now module Product (or move some API from ANZ to ABP) respect the picture above we can't have GW.(our UI in Angulr)

How can we use data from new ABP service? From ANZ of course we can use normal TS proxy.

Hi I see that is a cache related issue. If I give permission to a scope client and not delete / refrash the Redis permission not works fine but I need to delete only key related to client and not all db.

Hi

ok I can understand it but why if authenticate my abp.io client on ANZ I get an 403 error and if I put a row on abppermissiongrant I get an invalid_grant.

ANZ only give ok or KO for user access (evenutaly can share some date on OpenId configuration like name,email, etc). The scope on ABP.IO give the role/persmission configure.

Are you able to make it work with my two solution? Colud you please share what we need to change?

Hi

has you see the 2 solution sended via wetransfer?

Ok, this issue is related to IIS if I call using debug via console it works. now the problem is permission on ANZ I've this permission

ANZ

   "Pages.Tenants",
  "Pages.Tenants.Create",
  "Pages.Tenants.Edit",
  "Pages.Tenants.ChangeFeatures",
  "Pages.Tenants.Delete",
  "Pages.Tenants.Impersonation"

on ABP.IO

    "Saas.Tenants"

I try to add a row on ABP db on AbpPermissionGrants (picture below) but now on swagger I get an error "Bad Request, error: invalid_grant"

So now my question is: how can it works? If I add permission on ABP I get an error if I don't add it I'm not authorized. About permission: ABP send permission name to ANZ? It not make sense... or it happen only beacuse I chosse authorization_code...

For us it's important to undestend this point becasue at the moment we have 2 payed subscrption on ANZ & ABP but we cannot bring the max from both.

Hi

I add https://localhost:44367 to appsetting on ANZ solution AZN

"App": {
    "ServerRootAddress": "http://localhost:22742/",
    "ClientRootAddress": "http://localhost:4200/",
    "CorsOrigins": "http://*.mycompany.com,http://localhost:4200,http://localhost:49152,https://localhost:44333,https://localhost:44367",
    "SwaggerEndPoint": "/swagger/v1/swagger.json",
    "AllowAnonymousSignalRConnection": "true"
  },

ABP.IO

  "App": {
    "SelfUrl": "https://localhost:44367",
    "AngularUrl": "http://localhost:4200",
    "MVCPublicUrl": "https://localhost:44306",
    "CorsOrigins": "https://*.test2demo.com,http://localhost:4200,http://localhost:22742"
  },

but problem still exixts.

So on your side has you test and works? Has you the correct permission to query data on ABP.IO authenticated from ANZ?

I've send souce code of both solution to info email.

Hi

I try from 2 new clean solution ANZ (7.1.0) ABP.IO (lastest) but nothing change ANZ say autenthication complete but APB.IO on swagger say "Unable to fatch" and no auth completed. I can share with you.

How can I share the permission?

My scenario is:

• ANZ solution name test1 with its own permission
• ABP solution name test2 with its own permission (es. blog auth)

When I open swagger on abp.io page tha auth process call ANZ identity and receive a correct token but when i call it from swagger I need to indecate scope the scope name available is test2, because I'm on test2 abp.io app. I look into redis and I see that Volo.Abp.PermissionManamente.PermissionGrant.test2.pn.C.test2_swagger all sub key has isgranted set to false.

My dubt is that test2_swagger has no permission, how can give permission to that user profile?