Activities of "james.marley"

Hello,

I am trying to setup a dynamic list of features based on rows in a database table. I know I can add in features through code as documented but I haven't found any examples where I can query a table and populate a list of features. My attempts at reading items from a repository have resulted in issues around sync and async on application start up.

I wanted to check that what I'm trying to do is possible/correct and if there is any guidance availabe on how to do this.

Thanks

• version 9.2.0
• MVC
• .net core

I am having the issue described in the post below on both Chrome and Edge browsers but neither solution works for me. Can you offer any help?

https://support.aspnetzero.com/QA/Questions/9537/Solution-for-unable-to-log-in-via-http-in-the-new-chrome

Hi,

I appreciate your response. I have tried the route as per your suggestion and it does work. I have however come across a couple of related problems.

When a user registers through OpenId they are activated and can now access the application. Once activated a user can just click on the OpenId button and have access. One point is that the username in the upper right is an MD5 hash of the e-mail address. I've corrected this by removing the MD5 in our code but I was curious why it was done like this? Since the user can see the MD5 value I'm not sure what the reason is but could be beneficial to know incase I am causing an issue by removing it. For end users it's not a good thing to see either.

My next issue has been tested both with and without the Md5 hash just to verify I hadn't broken anything with my change. I will details the steps below on how I am finding this issue.

1. Open Id is configured and working.
2. E-mail is configured in the system.
3. Application access is given to user within our AD organisation.
4. A user registers through the OpenId link and once activated can click the OpenId button to get access.
5. Once the user is logged in they click to change their password.
6. They can now click the link to say they have forgotten their password and will get an e-mail with instructions to reset.
7. Once the password is reset they can now login through the username/password form rather than clicking the OpenId link.

The above steps cause an issue as when the user is removed from accessing the application through Azure AD they can by-pass by entering in their username/password since they now know their password. In this manner they are by-passing the OpenId connect which I was intending for them to use so that I can deny access through Azure AD.

Perhaps I am missing something in my configuration within AzureAD that would prevent this. Regardless I don't think that a user who is using an external authentication mechanism should be allowed to reset their password and gain access in this way.

As an aside, my original query about Microsoft.Graph isn't related to the Zero solution as I'm still facing challenges to get this working with a simple MVC application. I think it's related to OpenId and how I get the identity. In summary I can use Microsoft.Graph with application permissions but unable to use delegate permissions. This isn't an issue with your solution so I'll continue to investigate this myself.

If you could advise on the reset password for external logins and also the reason for the MD5 hash of the e-mail address that would be appreciated.

Thanks

I'm trying to get Microsoft.Graph working within AspNetZero. I have OpenIdConnect authenticating against ADD and that is working well. A futher enhancement is some more integration with ADD for controlling access.

The requirement I have is to use a group in ADD that can allow or grant access to the application. So if a user wants to access the application the requirement is that they are part of a group in ADD. The reason for this is that our application will be in a corporate environment and the administration of users will be left to tenant administrators who are most likely system administrators within their organisation. For on-boarding new users a preferred workflow would be for a system administrator to assign a user to a group in ADD and instruct the new user that they can self register for access. In the opposite manner a user leaving the company could just be removed from the ADD group and then their access to the application will be removed.

The solution I am trying to implement is using Microsoft.Graph. I'm new to using Microsoft.Graph but I have followed through instructions from Microsoft and everything seems in order except that I am getting messages about not having permissions. I have all the API permissions setup in Azure that I should require but still cannot seem to find a simple way to connect.

I've got two questions regarding what I am trying to do.

1. Is there a better way of accomplishing access being controlled through ADD groups?
2. Is there any information in the solution about how to integrate with Microsoft.Graph? The ADD group stuff aside I could see being able to integrate with this service being of high value and I wonder if there is a way to create some more support within the application itself to setup.

Any advice is appreciated.

Hi,

I'm looking for a pointer on enabling OpenId for the host system. I have the application configured to resolve the tenant through the URL subdomain which is working. I have also enabled and tested OpenId for tenants which again is working well.

What I'm not able to do is use OpenId to login as host. Is this possilble and if so could someone point me in the right direction - I could just be missing this in the documenation or the settings? I'm using the .NET Core MVC JQuery solution and running the latest version.

Thanks

We managed to find the issue link you sent and have upated our code to get past the javascript problem.

We also had another issue with the dotnet-ef installation as detailed above. This problem was happening due to the docker project files being added to the root of the project. The end solution was to remove the docker project files and this got past the multiple project files error. Can someone confirm if they are seeing the same issue and if they found a solution where the docker project files can be retained?

Our azure pipeline is failing after upgrading our project from version 8.8 to version 8.9.2. We are getting the error message 'Specify which project file to use because this '/home/vsts/work/1/s' contains more than one project file' when installing entity framework in the pipeline using the command dotnet tool install --global dotnet-ef. So, we disabled the task and got another error at the NPM build stage SyntaxError in plugin "gulp-uglify-es".

To test out the build process I used the latest clean version of 8.9.2 without any of our code in just the standard boilerplate files and tried to run through the same pipeline which produced the same errors. I also did the same with version 8.8, again the boilerplate files with none of our code introduced, and this was successful.

Is there anything we are missing or have done wrong? The new version complies and runs on my local machine with the tests passing.

See build process steps below:

Hi,

I'm not too concerned about Localization for this part. What I cannot find is where [Validation Error] and [Validation narrative title] is coming from. How would you set these to string literals when showing the above message? I will check the first link again that you've sent in more detail to see if I'm missing something.

I have some custom validation that I am trying to add to a CreateOrEditDto. As per the documentation I have implmented the ICustomValidate interface. I did a simple test where I add a Validation Result to the context results where I do a very basic check.

The validation result is added and I am presented with a message box that contains my error message and it does not submit the form which is fine.

I have two questions:

1. In the form there is no translation for the error title or error narration. How do I go about adding this?
2. There is an argument that can be passed to the ValidationResults constructor that takes a string IEnumerable of member names. What is the purpose of passing in this list of property names? I had assumed it would update the form showing the validation errors with the invalid form inputs but it doesn't do this.

I couldn't find anything specific in the documentation regarding the above two questions. Any advice on how this should work would be appreciated.

The code I have is below and a screen grab of the message box attached:

public void AddValidationErrors(CustomValidationContext context)
{
    if(Name == "Test")
    {
        context.Results.Add(new ValidationResult("This is a test", new [] { "Name" }));
    }
}

apologies, my error, I noticed the banner on github with an invitation, I didnt realise I had to click on it to accept the invitation and get access. Many thanks for responding so quickly