Activities of "evadmin"
Hi, the documentation describes configuring IdentityServer4 clients in appsettings.json, but is there a way to configure IdentityResources and ApiResources?
Nevermind! I found it in <myproject>.Web.Core\IdentityServer\IdentityServerConfig.cs
Hi, I've configured my site to use smtp.office365.com as my smtp server, but it doesn't seem to work and I can't figure out how to debug it. When I try to send test emails, there's a notification saying they are sent successfully, but none of the emails I've sent have been received.
Hello, I'm using the latest version of Abp0 (.net core 2.0). I'm trying to figure out how to secure the web host project against an server running IdentityServer4. I see that the default authentication uses JWT bearer token, but I don't understand what to use for the SecurityKey value.
So I tried to use IdentityServerAuthencitation by adding IdentityServer4 AccessTokenValidation.2.0.0-rc2 which is supposed to support dotnetcore 2.0, but that's not working either.
Does anyone have some advice or an example of how to authenticate the API (web host project) with a JWT given an existing API resource registered with an existing IdentityServer4 implementation?
So I was finally able to make this work with a hack. I'll share what I did in case anyone else runs into trouble.
When accessing protected routes, AuthorizationHelper.AuthorizeAsync() is called:
public async Task AuthorizeAsync(IEnumerable<IAbpAuthorizeAttribute> authorizeAttributes)
{
if (!_authConfiguration.IsEnabled)
{
return;
}
if (!AbpSession.UserId.HasValue) //this was ALWAYS NULL for me
{
throw new AbpAuthorizationException(
LocalizationManager.GetString(AbpConsts.LocalizationSourceName, "CurrentUserDidNotLoginToTheApplication")
);
}
foreach (var authorizeAttribute in authorizeAttributes)
{
await PermissionChecker.AuthorizeAsync(authorizeAttribute.RequireAllPermissions, authorizeAttribute.Permissions);
}
}
Digging deeper, I found that userIdClaim in ClaimsAbpSession was ALWAYS NULL as well:
public class ClaimsAbpSession : AbpSessionBase, ISingletonDependency
{
public override long? UserId
{
get
{
if (OverridedValue != null)
{
return OverridedValue.UserId;
}
//userIdClaim is always null because AbpClaimTypes.UserId == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier";
var userIdClaim = PrincipalAccessor.Principal?.Claims.FirstOrDefault(c => c.Type == AbpClaimTypes.UserId);
if (string.IsNullOrEmpty(userIdClaim?.Value))
{
return null;
}
long userId;
if (!long.TryParse(userIdClaim.Value, out userId))
{
return null;
}
return userId;
}
}
The accessToken returned by IdentityServer4 as a "sub" claim with the UserId value in it, so I simply added
AbpClaimTypes.UserId = "sub";
to Evsuite.Admin.Web.Host.AuthConfigurer.Configure();
Now ClaimsAbpSession.UserId is set to the correct AbpUsers.Id.
Settings > Appearance > Upload_Logo_info isn't working correctly. I upload an image and it changes the logo on the banner. If navigate away, the image reverts to the ASP.NET Zero logo. If I click Save All and navigate away, the image reverts. Any suggestions?
Hi, I'm using the jQuery version. When I navigate away it does not show the correct image. Here are the steps I took:
- Navigate to /Admin/Settings > Appearance
- Click "Choose File" (I selected a .png file, in case the extension matters)
- Click "Upload" (at this point the graphic in the banner changes to look like the one I uploaded)
- Click "Save All" (I've also tried it without clicking "Save All")
- Press F5 (at this point the banner graphic reverts back to ASP.NET ZERO)
- Navigate to /Admin/Dashboard (the graphic is still ASP.NET ZERO)
The problem I encountered is based on some quirks of using smtp.Office365.com. After reading a bit about sending emails with Office365 and MailKit, I solved my problem by replacing DefaultMailKitSmtpBuilderwith a custom one that's exactly the same with the addition of two lines:
client.ServerCertificateValidationCallback = (s, c, h, e) => true; and client.AuthenticationMechanisms.Remove("XOAUTH2");
Here's my complete Office365SmtpBuilder implementation:
public class Office365SmtpBuilder : IMailKitSmtpBuilder
{
private readonly ISmtpEmailSenderConfiguration _smtpEmailSenderConfiguration;
public Office365SmtpBuilder(ISmtpEmailSenderConfiguration smtpEmailSenderConfiguration)
{
_smtpEmailSenderConfiguration = smtpEmailSenderConfiguration;
}
public virtual SmtpClient Build()
{
var client = new SmtpClient();
try
{
ConfigureClient(client);
return client;
}
catch
{
client.Dispose();
throw;
}
}
protected virtual void ConfigureClient(SmtpClient client)
{
client.ServerCertificateValidationCallback = (s, c, h, e) => true; //added this line
client.Connect(
_smtpEmailSenderConfiguration.Host,
_smtpEmailSenderConfiguration.Port,
_smtpEmailSenderConfiguration.EnableSsl
);
client.AuthenticationMechanisms.Remove("XOAUTH2"); //added this line
var userName = _smtpEmailSenderConfiguration.UserName;
if (!userName.IsNullOrEmpty())
{
client.Authenticate(
_smtpEmailSenderConfiguration.UserName,
_smtpEmailSenderConfiguration.Password
);
}
}
}
I replaced the DefaultMailKitSmtpBuilder service by updating my AdminCoreModule in the PreInitialize() method:
if (DebugHelper.IsDebug)
{
//Disabling email sending in debug mode
Configuration.ReplaceService<IMailKitSmtpBuilder, Office365SmtpBuilder>(DependencyLifeStyle.Transient);
}
I have over 120 users in my database, but the users table only shows 10 total. Switching the drop down to show more at once has no effect. The buttons to advance to the next set of records are disabled. I'd like to be able to interact with all my users, any ideas?
That did it! Thank you!