Open Closed

Identity API with JWT #2659


User avatar
0
lan.dang created
  • ABP Framework version: v5.1
  • UI type: Blazor
  • DB provider: EF Core
  • Tiered (MVC) or Identity Server Separated (Angular): No
  • Exception message and stack trace:
  • Steps to reproduce the issue: I would like to build API that can access from client (chrome plugin), with some basic functions like : login, logout, CRUD to some data table and that using JWT to authenticate. Can I use IdentityServer4 and its API or I should create new module for it? If so can you give me some document that I can refer?

23 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    ABP's identity module uses cookies as the authentication scheme by default.

    You can use the Identity Server module. You can use the Authorization Code flow in the chrome plugin to get the access token.

    https://www.google.com/search?q=asp+net+core+jwt+authentication&oq=ASP+NET+CORE+JWR&aqs=chrome.2.69i57j0i13l9.7064j0j9&sourceid=chrome&ie=UTF-8 https://www.codemag.com/Article/2105051/Implementing-JWT-Authentication-in-ASP.NET-Core-5

  • User Avatar
    0
    lan.dang created

    Thanks @maliming,

    At server, what is interface or class that I need to use to verify user? I tried to use IdentityUserAppService but it does not work. Can you give a sample code to allow user login?

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    You can refer to identity and account module source code.

  • User Avatar
    0
    lan.dang created

    Yes that is what I need, can you send me these link to source code?

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    See https://support.abp.io/QA/Questions/632/How-can-I-download-the-source-code-of-the-framework-Angular-packages-theme-and-pro-modules

  • User Avatar
    0
    lan.dang created

    Thank you

  • User Avatar
    0
    lan.dang created

    Hi Maliming again, I have a question related to JWT. I saw in our solution there is a configure of JWT already So that I can not add JWT bear configure (I have code to use Security key). In this case, how can I generate token to use for API? The token generated by using security key is not working

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    This is just a jwt authentication scheme, you can add a custom jwt or cookies authentication scheme.

  • User Avatar
    0
    lan.dang created

    But when I add my custom JWT bear, it gives error so I think I can only use this default or custom JWT, is that right? Autofac.Core.DependencyResolutionException: An exception was thrown while activating λ:Microsoft.Extensions.Hosting.IHostedService[] -> Microsoft.AspNetCore.Hosting.GenericWebHostService -> Microsoft.AspNetCore.Server.IIS.Core.IISHttpServer -> Microsoft.AspNetCore.Authentication.AuthenticationSchemeProvider. ---> Autofac.Core.DependencyResolutionException: An exception was thrown while invoking the constructor 'Void .ctor(Microsoft.Extensions.Options.IOptions1[Microsoft.AspNetCore.Authentication.AuthenticationOptions])' on type 'AuthenticationSchemeProvider'. ---> System.InvalidOperationException: Scheme already exists: Bearer at Microsoft.AspNetCore.Authentication.AuthenticationOptions.AddScheme(String name, Action1 configureBuilder) at Microsoft.AspNetCore.Authentication.AuthenticationBuilder.<>c__DisplayClass4_0`2.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    System.InvalidOperationException: Scheme already exists: Bearer at Microsoft.AspNetCore.Authentication.AuthenticationOptions.AddScheme(String name

    You can use a different scheme name.

  • User Avatar
    0
    lan.dang created

    I keep this and add new one this

    But it does not work, give same problem

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

  • User Avatar
    0
    lan.dang created

    Thank you I can get it work, but what is different about name? If I put second as default, it works (as image below) But if i put second with "CustomJWT" it does not work, and return 302 Found error. Does it take only default Bearer?

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    HI

    app.UseJwtTokenMiddleware();
    app.UseJwtTokenMiddleware("CustomJWT");
    
  • User Avatar
    0
    lan.dang created

    It gives another error 2022-03-08 09:28:46.233 +07:00 [ERR] An unhandled exception has occurred while executing the request. System.InvalidOperationException: IDX20803: Unable to obtain configuration from: 'System.String'. ---> System.IO.IOException: IDX20807: Unable to retrieve document from: 'System.String'. HttpResponseMessage: 'System.Net.Http.HttpResponseMessage', HttpResponseMessage.Content: 'System.String'. at Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(String address, CancellationToken cancel) at Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfigurationRetriever.GetAsync(String address, IDocumentRetriever retriever, CancellationToken cancel) at Microsoft.IdentityModel.Protocols.ConfigurationManager1.GetConfigurationAsync(CancellationToken cancel) --- End of inner exception stack trace --- at Microsoft.IdentityModel.Protocols.ConfigurationManager1.GetConfigurationAsync(CancellationToken cancel) at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync() at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync() at Microsoft.AspNetCore.Authentication.AuthenticationHandler`1.AuthenticateAsync() at Microsoft.AspNetCore.Authentication.AuthenticationService.AuthenticateAsync(HttpContext context, String scheme) at Microsoft.AspNetCore.Builder.ApplicationBuilderAbpJwtTokenMiddlewareExtension.<>c__DisplayClass0_0.<

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    You need to set the Authority.

  • User Avatar
    0
    lan.dang created

    I have it in appSetting.json

    But if I move set CustomJWT here, it works fine with my customJWT but I don't think it works for Authority

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    I suggest you first understand JWT authentication in asp net core.

    https://www.google.com/search?q=JWT+authentication+in+asp+net+core.&oq=JWT+authentication+in+asp+net+core.&aqs=chrome..69i57.256j0j7&sourceid=chrome&ie=UTF-8

  • User Avatar
    0
    lan.dang created

    Yes I can get my JWT works, but I dont want to hurt current Jwt with Authority, so i want to keep them both. if I configure like that it will work with my JWT token (not sure Authority work or not)

    But if I configure It will not work with my JTW token. Can I make it work for both?

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi lan.dang

    Can you share with me a simpleproject that includes your jwt code?

    liming.ma@volosoft.com

  • User Avatar
    0
    lan.dang created

    I think my issue same as here https://support.abp.io/QA/Questions/1682/API-Fails-after-Authenticated

    But I dont know what did he resolved it? Should I run .Host project before run Blazor project?

    I will get and send you that code after lunch. Thank you

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    ok

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    IDX20803: Unable to obtain configuration from: 'System.String'.

    Please set ShowPII to true to check the error detials.

    if (env.IsDevelopment())
    {
         IdentityModelEventSource.ShowPII = true; 
    }
    
Made with ❤️ on ABP v8.2.0-preview Updated on March 25, 2024, 15:11