Aktivity „maliming“

hi

You can try to override it on AuthServer

hi

StatusCode: 500,

Please check the logs from Auth server project

hi

Try to add OpenIddictConstants.GrantTypes.Password to grantTypes

grantTypes: new List<string> //Hybrid flow
{
    OpenIddictConstants.GrantTypes.AuthorizationCode, 
    OpenIddictConstants.GrantTypes.Implicit,
    OpenIddictConstants.GrantTypes.Password
},

hi

Please share the code like:

Your client required the OpenIddictConstants.GrantTypes.Password grant type.

hi

Can you share full logs of all related requests?

Thanks

liming.ma@volosoft.com

[Dependency(ReplaceServices = true)]
[ExposeServices(typeof(ExternalProviderSettingsHelper))]
public class MyExternalProviderSettingsHelper : ExternalProviderSettingsHelper
{
    //...
}

You can check the _currentTenant usage in this class and change it to fit your case.

: )

hi

I don't see why they should match. Please can you explain more?

This is a rule to validate a token, the server will get the issuer from the token and get the host from the HTTP context. eventually try to match them.

1. You can try to set the issuer and reissue a token.

serverBuilder.SetIssuer(new Uri("https://localhost/"));

public override void PreConfigureServices(ServiceConfigurationContext context)
{
    var hostingEnvironment = context.Services.GetHostingEnvironment();
    var configuration = context.Services.GetConfiguration();

    PreConfigure<OpenIddictBuilder>(builder =>
    {
        builder.AddValidation(options =>
        {
            options.AddAudiences("MyProjectName");
            options.UseLocalServer();
            options.UseAspNetCore();
        });
    });

    if (!hostingEnvironment.IsDevelopment())
    {
        PreConfigure<AbpOpenIddictAspNetCoreOptions>(options =>
        {
            options.AddDevelopmentEncryptionAndSigningCertificate = false;
        });

        PreConfigure<OpenIddictServerBuilder>(serverBuilder =>
        {
            serverBuilder.AddProductionEncryptionAndSigningCertificate("openiddict.pfx", "00000000-0000-0000-0000-000000000000");
            serverBuilder.SetIssuer(new Uri(configuration["AuthServer:Authority"]!));
        });
    }
}

You can configure the TokenValidationParameters to disable to match the issuer and host. or add https://localhost/ and https://localhost/auth to validissuers

https://learn.microsoft.com/en-us/dotnet/api/microsoft.identitymodel.tokens.tokenvalidationparameters.validissuer?view=msal-web-dotnet-latest#microsoft-identitymodel-tokens-tokenvalidationparameters-validissuer

https://learn.microsoft.com/en-us/dotnet/api/microsoft.identitymodel.tokens.tokenvalidationparameters.validissuers?view=msal-web-dotnet-latest#microsoft-identitymodel-tokens-tokenvalidationparameters-validissuers

hi

Can you share the code that creates SglBaseProject_Web?

You need the OpenIddictConstants.GrantTypes.Password

https://github.com/abpframework/abp/blob/dev/templates/app/aspnet-core/src/MyCompanyName.MyProjectName.Domain/OpenIddict/OpenIddictDataSeedContributor.cs#L122-L125

hi

The 8923ECD9CC3A022B71E966D19950185C is the md5 of scripts content.

So, it should be the same for all instances.