Open Closed

Identity server issuer uri problem #1422


User avatar
0
yilmaz.132 created

ABP Framework version: v4.3.1 DB provider: SQL Server Tiered (MVC) or Identity Server Separated : yes Exception message and stack trace:

I am giving fixed IssuerUri address in IdentityServer application module. Configure<IdentityServerOptions>(options => { options.IssuerUri = configuration["App:SelfUrl"]; });

IdentityServer and my other applications revolve Tenant via sub-domain.

However, although I have given the Identity Server Issuer Uri as a constant, it varies according to the domain.

How can i solve this problem. Application sample link I referenced: https://github.com/abpframework/abp-samples/tree/master/DomainTenantResolver/MVC-TIERED


6 Answer(s)
  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    See https://github.com/abpframework/abp-samples/blob/abd1a864f273523640853362581c65cb85f5ac5b/DomainTenantResolver/MVC-TIERED/src/Acme.BookStore.Web/BookStoreWebModule.cs#L162

  • User Avatar
    0
    yilmaz.132 created

    Hi,

    AuthServerModule: Configure<AbpTenantResolveOptions>(options => { options.AddDomainTenantResolver(configuration["App:TenantDomainFormat"]); //{0}.mydomain.com }); Configure<IdentityServerOptions>(options => { options.IssuerUri = configuration["App:SelfUrl"]; //mydomain.com });

    I define the IssuerUri as mydomain.com. However, when logged in as turkey.mydomain.com, the issuer changes to turkey.mydomain.com in the .well-known/openid-configuration information.

    My problem is on the IdentityServer App (AuthServer) side.

    It is already defined in the web client application as you have forwarded in the link.

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    I can't get your point, you want the IssuerUri to change with the tenant, right?

  • User Avatar
    0
    yilmaz.132 created

    Actually no.

    I want IssuerUri to be constant on IdentityServer side. It shouldn't change by domain. Micro-services cannot validate IssuerUri when IssuerUri varies by domain. For this, I close as follows, but I do not want it.

    options.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters { ValidateIssuer = false };

    I add the following to fix IssuerUri in IdentityServer section. But it's not working. Configure<IdentityServerOptions>(options => { options.IssuerUri = "mydomain.app"; });

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    Can you get the IdentityServerOptions from the DI and check the IssuerUri?

    var options = context.RequestServices.GetRequiredService<IdentityServerOptions>();
    var uri = options.IssuerUri;
    
  • User Avatar
    0
    ServiceBot created
    Support Team Automatic process manager

    This question has been automatically marked as stale because it has not had recent activity.

Made with ❤️ on ABP v8.2.0-preview Updated on March 25, 2024, 15:11