We are using ANZ 10.1 Angular - Core/dotNet5
We added a button to the login screen for a tenant that uses an OpenIdConnect authentication server for SSO.
When the external server returns the tokens, they do not provide Abp.TenantId in their header. Since it is an external server, we don't have control. So, I need to get AbpSession to have their TenantId for the ExternalAuthenticate process in the TokenAuthController. Is there a recommended way to get that process to override the AbpSession.TenantId?
Thank you
4 Answer(s)
-
0
Hi @henryand
Most of the time, such auth servers return to the URL you provide them. You can add TenantId parameter to return URL you are sending to auth server.
-
0
Will adding "Abp.TenantID=2" in the querystring automatically update the AbpSession.TenantId? Are there any code changes I will need to make in order to use that querystring value?
I know this will tell the TokenAuthController what the tenantId should be, but AbpSession value is hardcoded into various functions used during the external authentication and authorization process. If it isn't in AbpSession,then it doesn't really help. One example: GetRoleByNameAsync(String roleName) does not have an override to allow me to pass in a tenantID - it is hardcoded to use AbpSession.TenantId. That may be by design, but I need this during external login for authorization validation so I need an override or I need the correct AbpSession.TenantID. Another example is SetRolesAsync(user, rolename) which only looks up the role for the AbpSession.TenantId. Another example during external login is GetTenancyNameOrNull() uses AbpSession.TenantId.
Thank you
-
0
Hi,
Angular app gets tenantId from cookie with cooke name
abp.multiTenancy.tenantIdCookieName
. So, you can set cookei value when yo uget TenantId from external provider as shown below;this._utilsService.setCookieValue(abp.multiTenancy.tenantIdCookieName,"TenantId");
Then, rest should work.
-
0
As a test, I added:
this.\_utilsService.setCookieValue(abp.multiTenancy.tenantIdCookieName,"2");
in:
openIdConnectLoginCallback(resp) {this.initExternalLoginProviders(() => { }
It looks like it's doing exactly what I need!
Thank you!