
Comments (9)

gdunit avatar gdunit commented on July 24, 2024 1

Update: I've tried to map all of the code from the startup template for the authserver and httpapi.host modules, and the issue still exists.

I am going to try and upgrade one of my other test solutions that also has subdomain tenant resolution to see if I can create a repro that I can share.

from abp.

younessiysa avatar younessiysa commented on July 24, 2024

I am experiencing the same issue with ABP version 8.1.1. Specifically, CurrentUser.IsAuthenticated always returns false.

from abp.

maliming avatar maliming commented on July 24, 2024

hi

Please create a template project and compare the authentication code.

from abp.

younessiysa avatar younessiysa commented on July 24, 2024

You have created a project from scratch using version 8.1.3, but I am encountering the same problem.

from abp.

younessiysa avatar younessiysa commented on July 24, 2024

```csharp
using GFCAPI.EntityFrameworkCore;
using GFCAPI.Localization;
using GFCAPI.MultiTenancy;
using GFCAPI.Web.Menus;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Cors;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;
using Microsoft.OpenApi.Models;
using System;
using System.IO;
using System.Linq;
using Volo.Abp;
using Volo.Abp.Account.Web;
using Volo.Abp.AspNetCore.Mvc;
using Volo.Abp.AspNetCore.Mvc.Localization;
using Volo.Abp.AspNetCore.Mvc.UI.Bundling;
using Volo.Abp.AspNetCore.Mvc.UI.Theme.LeptonXLite;
using Volo.Abp.AspNetCore.Mvc.UI.Theme.LeptonXLite.Bundling;
using Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared;
using Volo.Abp.AspNetCore.Serilog;
using Volo.Abp.Autofac;
using Volo.Abp.AutoMapper;
using Volo.Abp.Identity.Web;
using Volo.Abp.Modularity;
using Volo.Abp.OpenIddict;
using Volo.Abp.Security.Claims;
using Volo.Abp.SettingManagement.Web;
using Volo.Abp.Swashbuckle;
using Volo.Abp.TenantManagement.Web;
using Volo.Abp.UI.Navigation;
using Volo.Abp.UI.Navigation.Urls;
using Volo.Abp.VirtualFileSystem;

namespace GFCAPI.Web;

[DependsOn(
    typeof(GFCAPIHttpApiModule),
    typeof(GFCAPIApplicationModule),
    typeof(GFCAPIEntityFrameworkCoreModule),
    typeof(AbpAutofacModule),
    typeof(AbpIdentityWebModule),
    typeof(AbpSettingManagementWebModule),
    typeof(AbpAccountWebOpenIddictModule),
    typeof(AbpAspNetCoreMvcUiLeptonXLiteThemeModule),
    typeof(AbpTenantManagementWebModule),
    typeof(AbpAspNetCoreSerilogModule),
    typeof(AbpSwashbuckleModule)
)]
public class GFCAPIWebModule : AbpModule
{
    public override void PreConfigureServices(ServiceConfigurationContext context)
    {
        var hostingEnvironment = context.Services.GetHostingEnvironment();
        var configuration = context.Services.GetConfiguration();

        context.Services.PreConfigure<AbpMvcDataAnnotationsLocalizationOptions>(options =>
        {
            options.AddAssemblyResource(
                typeof(GFCAPIResource),
                typeof(GFCAPIDomainModule).Assembly,
                typeof(GFCAPIDomainSharedModule).Assembly,
                typeof(GFCAPIApplicationModule).Assembly,
                typeof(GFCAPIApplicationContractsModule).Assembly,
                typeof(GFCAPIWebModule).Assembly
            );
        });

        PreConfigure<OpenIddictBuilder>(builder =>
        {
            builder.AddValidation(options =>
            {
                options.AddAudiences("GFCAPI");
                options.UseLocalServer();
                options.UseAspNetCore();
            });
        });

        if (!hostingEnvironment.IsDevelopment())
        {
            PreConfigure<AbpOpenIddictAspNetCoreOptions>(options =>
            {
                options.AddDevelopmentEncryptionAndSigningCertificate = false;
            });

            PreConfigure<OpenIddictServerBuilder>(serverBuilder =>
            {
                serverBuilder.AddProductionEncryptionAndSigningCertificate("openiddict.pfx", "4d28a500-2ddd-4028-a157-374638e594b8");
            });
        }
    }

    public override void ConfigureServices(ServiceConfigurationContext context)
    {
        var hostingEnvironment = context.Services.GetHostingEnvironment();
        var configuration = context.Services.GetConfiguration();

        ConfigureAuthentication(context, configuration);
        ConfigureUrls(configuration);
        ConfigureBundles();
        ConfigureAutoMapper();
        ConfigureVirtualFileSystem(hostingEnvironment);
        ConfigureNavigationServices();
        ConfigureAutoApiControllers();
        ConfigureSwaggerServices(context.Services);
        ConfigureCors(context, configuration);
    }

    private void ConfigureAuthentication(ServiceConfigurationContext context, IConfiguration configuration)
    {
        //context.Services.ForwardIdentityAuthenticationForBearer(OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme);
        //context.Services.Configure<AbpClaimsPrincipalFactoryOptions>(options =>
        //{
        //    options.IsDynamicClaimsEnabled = true;
        //});

        context.Services.AddAuthentication(options =>
        {
            options.DefaultScheme = "Cookies";
            options.DefaultChallengeScheme = "oidc";
        })
            .AddCookie("Cookies", options =>
            {
                options.ExpireTimeSpan = TimeSpan.FromDays(365);
                options.CheckTokenExpiration();
            })
            .AddAbpOpenIdConnect("oidc", options =>
            {
                options.Authority = configuration["AuthServer:Authority"];
                options.RequireHttpsMetadata = configuration.GetValue<bool>("AuthServer:RequireHttpsMetadata");
                options.ResponseType = OpenIdConnectResponseType.CodeIdToken;

                options.ClientId = configuration["AuthServer:ClientId"];
                options.ClientSecret = configuration["AuthServer:ClientSecret"];

                options.UsePkce = true;
                options.SaveTokens = true;
                options.GetClaimsFromUserInfoEndpoint = true;

                options.Scope.Add("roles");
                options.Scope.Add("email");
                options.Scope.Add("phone");
                options.Scope.Add("GFCAPI");
            });

        context.Services.Configure<AbpClaimsPrincipalFactoryOptions>(options =>
        {
            options.IsDynamicClaimsEnabled = true;
        });
    }

    private void ConfigureUrls(IConfiguration configuration)
    {
        Configure<AppUrlOptions>(options =>
        {
            options.Applications["MVC"].RootUrl = configuration["App:SelfUrl"];
        });
    }

    private void ConfigureBundles()
    {
        Configure<AbpBundlingOptions>(options =>
        {
            options.StyleBundles.Configure(
                LeptonXLiteThemeBundles.Styles.Global,
                bundle =>
                {
                    bundle.AddFiles("/global-styles.css");
                }
            );
        });
    }

    private void ConfigureAutoMapper()
    {
        Configure<AbpAutoMapperOptions>(options =>
        {
            options.AddMaps<GFCAPIWebModule>();
        });
    }

    private void ConfigureVirtualFileSystem(IWebHostEnvironment hostingEnvironment)
    {
        if (hostingEnvironment.IsDevelopment())
        {
            Configure<AbpVirtualFileSystemOptions>(options =>
            {
                options.FileSets.ReplaceEmbeddedByPhysical<GFCAPIDomainSharedModule>(Path.Combine(hostingEnvironment.ContentRootPath, $"..{Path.DirectorySeparatorChar}GFCAPI.Domain.Shared"));
                options.FileSets.ReplaceEmbeddedByPhysical<GFCAPIDomainModule>(Path.Combine(hostingEnvironment.ContentRootPath, $"..{Path.DirectorySeparatorChar}GFCAPI.Domain"));
                options.FileSets.ReplaceEmbeddedByPhysical<GFCAPIApplicationContractsModule>(Path.Combine(hostingEnvironment.ContentRootPath, $"..{Path.DirectorySeparatorChar}GFCAPI.Application.Contracts"));
                options.FileSets.ReplaceEmbeddedByPhysical<GFCAPIApplicationModule>(Path.Combine(hostingEnvironment.ContentRootPath, $"..{Path.DirectorySeparatorChar}GFCAPI.Application"));
                options.FileSets.ReplaceEmbeddedByPhysical<GFCAPIWebModule>(hostingEnvironment.ContentRootPath);
            });
        }
    }

    private void ConfigureNavigationServices()
    {
        Configure<AbpNavigationOptions>(options =>
        {
            options.MenuContributors.Add(new GFCAPIMenuContributor());
        });
    }

    private void ConfigureAutoApiControllers()
    {
        Configure<AbpAspNetCoreMvcOptions>(options =>
        {
            options.ConventionalControllers.Create(typeof(GFCAPIApplicationModule).Assembly);
        });
    }

    private void ConfigureCors(ServiceConfigurationContext context, IConfiguration configuration)
    {
        context.Services.AddCors(options =>
        {
            options.AddDefaultPolicy(builder =>
            {
                builder
                    .WithOrigins(
                        configuration["App:CorsOrigins"]
                            .Split(",", StringSplitOptions.RemoveEmptyEntries)
                            .Select(o => o.RemovePostFix("/"))
                            .ToArray()
                    )
                    .WithAbpExposedHeaders()
                    .SetIsOriginAllowedToAllowWildcardSubdomains()
                    .AllowAnyHeader()
                    .AllowAnyMethod()
                    .AllowCredentials();
            });
        });
    }

    private void ConfigureSwaggerServices(IServiceCollection services)
    {
        services.AddAbpSwaggerGen(
            options =>
            {
                options.SwaggerDoc("v1", new OpenApiInfo { Title = "GFCAPI API", Version = "v1" });
                options.DocInclusionPredicate((docName, description) => true);
                options.CustomSchemaIds(type => type.FullName);
            }
        );
    }

    public override void OnApplicationInitialization(ApplicationInitializationContext context)
    {
        var app = context.GetApplicationBuilder();
        var env = context.GetEnvironment();

        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
        }

        app.UseAbpRequestLocalization();

        if (!env.IsDevelopment())
        {
            app.UseErrorPage();
        }

        app.UseCorrelationId();
        app.UseStaticFiles();
        app.UseRouting();
        app.UseCors();
        app.UseAuthentication();
        app.UseAbpOpenIddictValidation();

        if (MultiTenancyConsts.IsEnabled)
        {
            app.UseMultiTenancy();
        }

        app.UseUnitOfWork();
        app.UseDynamicClaims();
        app.UseAuthorization();

        app.UseSwagger();
        app.UseAbpSwaggerUI(options =>
        {
            options.SwaggerEndpoint("/swagger/v1/swagger.json", "GFCAPI API");
        });

        app.UseAuditing();
        app.UseAbpSerilogEnrichers();
        app.UseConfiguredEndpoints();
    }
}
```

from abp.

maliming avatar maliming commented on July 24, 2024

hi

Why does your module depend on AbpAccountWebOpenIddictModule ?

And please see:
https://community.abp.io/posts/how-claim-type-works-in-asp-net-core-and-abp-framework-km5dw6g1#disable-jwtbeareropenid-connect-client-claim-type-mapping

from abp.

gdunit avatar gdunit commented on July 24, 2024

Further update:

  • I have tried to re-create this on a startup template with similar setup (tiered / separate authserver, subdomain tenant resolution) and cannot.
  • I also tried to add a new Blazor-Webapp front end to my main project. This displays the principal information correctly when rendering in server mode - but then does not display the information (isAuth = false) when the render mode switches to WASM. This suggests to me that the blazor WASM code is not at fault, since it is the same problem between Blazor-webapp in WASM mode and pure WASM client.

My main solution is a lot more complex than the startup template, with additional modules, custom theme, etc. I fear this may be a case of trial and error, removing / changing components in my main solution until I find the culprit. I will report back once I do.

In the meantime are there any pointers of what kind of situation might cause this, or any areas where you would recommend looking to try and find what is happening?

from abp.

gdunit avatar gdunit commented on July 24, 2024

For context here are a couple of screenshots. These are taken from the blazor-webapp showing it switching from server mode to WASM (as per the standard InteractiveAuto render mode) and illustrating the issue.

server claims

wasm claims

from abp.

gdunit avatar gdunit commented on July 24, 2024

OK, finally found the issue:

Upon further inspection of the application traces, the tokens were being rejected as invalid:

"IDX14100: JWT is not well formed, there are no dots (.). The token needs to be in JWS or JWE Compact Serialization Format. (JWS)"

This is the same as reported in #19893 and dotnet/aspnetcore#52286

The reason this worked in the new solution but not in my older one was because these three packages were missing from the httpapi.host csproj file on my older, upgraded solution:

```xml
<PackageReference Include="Microsoft.IdentityModel.Protocols.OpenIdConnect" Version="7.5.1" />
<PackageReference Include="Microsoft.IdentityModel.JsonWebTokens" Version="7.5.1" />
<PackageReference Include="Microsoft.IdentityModel.Tokens" Version="7.5.1" />
```

Per the reported issue, adding these seems to overcome some problems in the way that the MS libraries validate the tokens.

from abp.
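A way to check a host project for the three references named in the comment above, as an added example that is not part of the original thread or of ABP. The project fragments and the `7.0.3` version are constructed, and treating "all three at one version" as the target is an assumption taken from the comment listing them all at 7.5.1; only direct `PackageReference` items in one csproj are inspected.

```python
import xml.etree.ElementTree as ET

# The three package ids named in the comment above.
REQUIRED = (
    "Microsoft.IdentityModel.Protocols.OpenIdConnect",
    "Microsoft.IdentityModel.JsonWebTokens",
    "Microsoft.IdentityModel.Tokens",
)

def direct_refs(csproj_xml):
    """Map lower-cased package id -> Version (or None) for direct references."""
    refs = {}
    for el in ET.fromstring(csproj_xml).iter():
        # Old-style project files put every element in an XML namespace.
        if el.tag.rsplit("}", 1)[-1] != "PackageReference":
            continue
        name = (el.get("Include") or el.get("Update") or "").lower()
        version = el.get("Version")
        if version is None:  # <Version> may also be a child element
            for child in el:
                if child.tag.rsplit("}", 1)[-1] == "Version":
                    version = (child.text or "").strip() or None
        refs[name] = version
    return refs

def check(csproj_xml):
    """Return findings; an empty list means nothing missing or mismatched."""
    refs = direct_refs(csproj_xml)
    findings = [f"missing: {p}" for p in REQUIRED if p.lower() not in refs]
    # References without a Version (e.g. central package management) are skipped.
    pinned = {p: refs[p.lower()] for p in REQUIRED if refs.get(p.lower())}
    # Assumption: the three should share one version, as they do in the comment.
    if len(set(pinned.values())) > 1:
        findings.append("mismatch: " + ", ".join(f"{p}={v}" for p, v in pinned.items()))
    return findings

# Constructed project fragments (not from the thread's repository).
BEFORE = """<Project Sdk="Microsoft.NET.Sdk.Web"><ItemGroup>
  <PackageReference Include="Microsoft.IdentityModel.Tokens" Version="7.5.1" />
  <PackageReference Include="Microsoft.IdentityModel.JsonWebTokens" Version="7.0.3" />
</ItemGroup></Project>"""
AFTER = BEFORE.replace('"7.0.3"', '"7.5.1"').replace("</ItemGroup>", """  <PackageReference
    Include="Microsoft.IdentityModel.Protocols.OpenIdConnect" Version="7.5.1" />
</ItemGroup>""")

if __name__ == "__main__":
    for label, doc in (("before", BEFORE), ("after", AFTER)):
        print(label, check(doc) or "ok")
```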
