Open Closed

Helm charts for 5.3.3 and Blazor #3463


0
hakan.uskaner created
  • ABP Framework version: v5.3.3
  • UI type: Blazor
  • DB provider: EF Core / MongoDB
  • Tiered (MVC) or Identity Server Separated (Angular): yes

Hi,

i 'am trying to publish a microservice to kubernetes, but was not able to find any informations howto configure the helm charts for Blazor and correct domainnames.

To reproduce:

  1. Generate a microservice: abp new AppMicro -t microservice-pro -u blazor-server -csf
  2. Add a microservice: abp.exe new AppZero -t microservice-service-pro

If i check the charts directory and the provided infos:

  • There is no Documentation for Blazor, and nothing similiar in eshoponabp..
  • In the charts there is still a "gateway-internal", but as far as i know this isn't needed that way anymore.
  • The gateways still use ocelot and eshoponabp Yarp (hope this also gonna change soon)

As far as i can see, it seems that you need to update these charts as soon as possible.

What i need from you is the complete etc\k8s Folder which would work for my solution (which you should generate like above).. Can you please provide that to me ?


18 Answer(s)
  • 0
    hakan.uskaner created

    Hi @gterdem,

    the added microservie also uses Blazor. Maybe you would like to check my solution remotly ?

  • 0
    gterdem created
    Support Team

    Hello,

    Blazor.Wasm is similar to angular application when deploying.

    You can add a Dockerfile to build locally:

    FROM mcr.microsoft.com/dotnet/aspnet:6.0 AS build
    COPY bin/Release/net6.0/publish/ app/
      
    FROM nginx:alpine AS final
    WORKDIR /usr/share/nginx/html
    COPY --from=build /app/wwwroot .
    COPY /nginx.conf  /etc/nginx/conf.d/default.conf
    

    nginx.conf:

    server {
        listen       80;
        listen  [::]:80;
        server_name  _;
    
        access_log  /var/log/nginx/host.access.log  main;
        
    	location / {
            root   /usr/share/nginx/html;
            try_files $uri $uri/ /index.html =404;		
    	}
    
        #error_page  404              /404.html;
    
        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   /usr/share/nginx/html;
        }
    }
    

    Thanks for reporting. I'll update the microservice template for docker and kubernetes containing blazor deployment.

  • 0
    hakan.uskaner created

    Hi, its Blazor Server not Wasm.

    I really need this, because i need to publish that solution internally for further test as soons as possible. So when do you expect to update them ? can you provide me a working sample with blazor server or the etc/k8s folder ?

  • 0
    gterdem created
    Support Team

    If you are using Blazor-Server, it is pretty similar to the MVC application configuration. You can use the web helm chart for Blazor-Server.

    Is there any specific error you receive when using it?

    We'll try to add Blazor-Wasm and Blazor-Server helm configurations in the 6.0 final version.

  • 0
    hakan.uskaner created

    Hi,

    i did face a lot of issues so far for getting a microservice solution run in kubernetes:

    • after adding a new microservice to the microservice soltuion there was "app.useCors()" missing in the new module
    • i also needed to add "app.UseStaticFiles" to the gateway module to prevent the error "abp.js is missing" when running in kubernetes
    • i also got the error that the authetication with swagger failed. i needed to change App.UseSwagerUI to app.UseAbpSwaggerUi in all services to prevent that

    As you could see so far there are a lot things to care about to get it work in kubernetes.

    let get through the three point i have three points left:

    1. Blazor charts: my current deployment for blazor is already based on the web chart. My file look like this:

    for blazor from values.yaml:

    blazor: config: selfUrl: https://appmicro-blazor gatewayUrl: https://appmicro-gateway-web authServer: authority: http://appmicro-authserver requireHttpsMetadata: "false" clientId: AppMicro_BlazorServer clientSecret: "1q2w3e*" dotnetEnv: Staging redisHost: appmicro-redis rabbitmqHost: appmicro-rabbitmq elasticsearchUrl: http://appmicro-elasticsearch ingress: host: appmicro-blazor tlsSecret: appmicro-tls image: repository: mycompany/appmicro-app-blazor-server tag: latest pullPolicy: IfNotPresent

    I did check that the appmicro-tls is present (just like in eshoponabp)

    blazor-deployment.yaml:

    apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Release.Name }}-{{ .Chart.Name }} spec: selector: matchLabels: app: {{ .Release.Name }}-{{ .Chart.Name }} template: metadata: labels: app: {{ .Release.Name }}-{{ .Chart.Name }} spec: containers:

    • image: {{ .Values.image.repository }}:{{ .Values.image.tag }} imagePullPolicy: {{ .Values.image.pullPolicy }} name: {{ .Release.Name }}-{{ .Chart.Name }} ports:
    • name: http containerPort: 80
    • name: https containerPort: 443 env:
    • name: App__SelfUrl value: "{{ .Values.config.selfUrl }}"
    • name: RemoteServices__Default__BaseUrl value: "{{ .Values.config.gatewayUrl }}"
    • name: "AuthServer__Authority" value: "{{ .Values.config.authServer.authority }}"
    • name: "AuthServer__RequireHttpsMetadata" value: "{{ .Values.config.authServer.requireHttpsMetadata }}"
    • name: "AuthServer__ClientId" value: "{{ .Values.config.clientId }}"
    • name: "AuthServer__ClientSecret" value: "{{ .Values.config.clientSecret }}"
    • name: "DOTNET_ENVIRONMENT" value: "{{ .Values.config.dotnetEnv }}"
    • name: "Redis__Configuration" value: "{{ .Values.config.redisHost }}"
    • name: "StringEncryption__DefaultPassPhrase" value: "{{ .Values.config.stringEncryptionDefaultPassPhrase }}"
    • name: "RabbitMQ__Connections__Default__HostName" value: "{{ .Values.config.rabbitmqHost }}"
    • name: "ElasticSearch__Url" value: "{{ .Values.config.elasticsearchUrl }}" {{- if .Values.env }} {{ toYaml .Values.env | indent 8 }} {{- end }}

    blazor-ingress.yaml:

    apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: {{ .Release.Name }}-{{ .Chart.Name }}-ingress annotations: kubernetes.io/ingress.class: "nginx" nginx.ingress.kubernetes.io/rewrite-target: / nginx.ingress.kubernetes.io/force-ssl-redirect: "true" nginx.ingress.kubernetes.io/proxy-buffer-size: 32k nginx.ingress.kubernetes.io/proxy-buffers-number: "8" cert-manager.io/cluster-issuer: letsencrypt spec: tls:

    • hosts:
    • {{ .Values.ingress.host }} secretName: {{ .Values.ingress.tlsSecret }} rules:
    • host: "{{ .Values.ingress.host }}" http: paths:
    • path: / pathType: Prefix backend: service: name: {{ .Release.Name }}-{{ .Chart.Name }} port: number: 80

    blazor-ingress.yaml:

    apiVersion: v1 kind: Service metadata: labels: name: {{ .Release.Name }}-{{ .Chart.Name }} name: {{ .Release.Name }}-{{ .Chart.Name }} spec: ports:

    • name: "80" port: 80
    • name: "443" port: 443 selector: app: {{ .Release.Name }}-{{ .Chart.Name }}

    I have currently no blazor-configmap.yaml like in the web chart. do i need this also ? How about the files above ? can you check them ?

    2. I do receive a error 500 while accessing the blazor page. Here is the log:

    [08:54:39 INF] Request finished HTTP/1.1 GET http://appmicro-blazor/ - - - 500 0 - 109.9219ms [10:57:06 INF] Request starting HTTP/1.1 GET http://appmicro-blazor/ - - [10:57:06 WRN] Could not find IdentityClientConfiguration for AbpMvcClient. Either define a configuration for AbpMvcClient or set a default configuration. [10:57:06 INF] Start processing HTTP request GET https://appmicro-gateway-web/api/abp/application-configuration?api-version=1.0 [10:57:06 INF] Sending HTTP request GET https://appmicro-gateway-web/api/abp/application-configuration?api-version=1.0 [10:57:06 ERR] Connection id "0HMJFLMHOPT56", Request id "0HMJFLMHOPT56:00000002": An unhandled exception was thrown by the application. Volo.Abp.Http.Client.AbpRemoteCallException: An error occurred during the ABP remote HTTP request. (Connection refused (appmicro-gateway-web:443)) See the inner exception for details. ---> System.Net.Http.HttpRequestException: Connection refused (appmicro-gateway-web:443) ---> System.Net.Sockets.SocketException (111): Connection refused at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.ThrowException(SocketError error, CancellationToken cancellationToken) at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.System.Threading.Tasks.Sources.IValueTaskSource.GetResult(Int16 token) at System.Net.Sockets.Socket.g__WaitForConnectWithCancellation|277_0(AwaitableSocketAsyncEventArgs saea, ValueTask connectTask, CancellationToken cancellationToken) at System.Net.Http.HttpConnectionPool.ConnectToTcpHostAsync(String host, Int32 port, HttpRequestMessage initialRequest, Boolean async, CancellationToken cancellationToken) --- End of inner exception stack trace ---

    3. I still receive an error during authentification with swagger about Mixed Content. I did find post to that but couldn't solve it so far:

    I did try to modify both gateways like in this post: https://support.abp.io/QA/Questions/3027/Mircoservice-k8s-deploy--AccountLogin-show-IDX20803-error

    app.Use(async (ctx, next) => { if (ctx.Request.Headers.ContainsKey("from-ingress")) { ctx.Request.Scheme = "https"; return next(); }

    return next();

    But so far i couldn't solve that..

    So now you should have detailed information to help. Hope we could solve this soon. I really need this, because people are waiting for me to finish this task.

  • 0
    gterdem created
    Support Team

    1- You don't need blazor-configmap.yaml since you won't be overriding any files.

    You can update gatewayUrl: https://appmicro-gateway-web --> gatewayUrl: https://appmicro-gateway-web/ (trailing slash at the end). You can update authority: http://appmicro-authserver --> authority: https://appmicro-authserver (with https. And keep requireHttpsMetadata: "false")

    2- You are trying to reach the gateway on SSL however it is not responding. High probably your gateway is running at port 80. This is related to the modification you did on 3rd step.

    3- This HTTPS redirection is wrong. You shouldn't be redirecting incoming traffic to HTTPS. The modification you did for the gateways as in the post you shared is for auth server not gateways.

  • 0
    hakan.uskaner created

    i did remove the https redirection in gateways modules and check auth modulle. everything fine now.

    Changing the gatewayUr to l: https://appmicro-gateway-web/ (trailing slash at the end) and the auth server to https solved the mixed content error (Nr.3 above).. I can now authenticate succefull through swagger. Great

    What do you think about my yaml files above for blazor. Blazor is still not accessible due error 500. How to solve that ?

    and yes, the gateway is running at port 80. To what should i change it ?

  • 0
    gterdem created
    Support Team

    i did remove the https redirection in gateways modules and check auth modulle. everything fine now.

    Changing the gatewayUr to l: https://appmicro-gateway-web/ (trailing slash at the end) and the auth server to https solved the mixed content error (Nr.3 above).. I can now authenticate succefull through swagger. Great

    What do you think about my yaml files above for blazor. Blazor is still not accessible due error 500. How to solve that ?

    What is the 500 error? If you have removed the midware it shouldn't be Volo.Abp.Http.Client.AbpRemoteCallException: An error occurred during the ABP remote HTTP request. (Connection refused (appmicro-gateway-web:443))

  • 0
    hakan.uskaner created

    I did forgot to rebuild the images. you were right.

    And i also needed to modify the blazor-deployment.yaml (added .authserver) because otherwise the clientid etc were missing:

        - name: "AuthServer__ClientId"
          value: "{{ .Values.config.authServer.clientId }}"
        - name: "AuthServer__ClientSecret"
          value: "{{ .Values.config.authServer.clientSecret }}"             
    

    After that Blazor runs . I will check if i get some more errors in other components

  • 0
    hakan.uskaner created

    If i try to login in the blazor app the authentications fails with internal error 500. i did not find much about that error:

    blazor-server.log: [14:20:46 INF] Request finished HTTP/1.1 GET http://appmicro-blazor/Themes/Lepton/Global/assets/fonts/poppins-v6-latin-600.woff2 - - - 304 - font/woff2 0.5253ms [14:20:46 INF] Executing endpoint 'Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController.Index (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared)' [14:20:46 INF] Route matched with {action = "Index", controller = "Error", area = "", page = ""}. Executing controller action with signature System.Threading.Tasks.Task`1[Microsoft.AspNetCore.Mvc.IActionResult] Index(Int32) on controller Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared). [14:20:46 INF] Executing ViewResult, running view ~/Views/Error/404.cshtml. [14:20:46 WRN] The cookie 'XSRF-TOKEN' has set 'SameSite=None' and must also set 'Secure'. [14:20:46 INF] Authorization failed. These requirements were not met: PermissionRequirement: SettingManagement.Emailing [14:20:46 INF] Authorization failed. These requirements were not met: PermissionRequirement: AbpIdentity.SettingManagement [14:20:46 INF] Authorization failed. These requirements were not met: PermissionRequirement: LeptonThemeManagement.Settings [14:20:46 INF] Authorization failed. These requirements were not met: PermissionRequirement: AbpAccount.SettingManagement [14:20:46 INF] Executed ViewResult - view ~/Views/Error/404.cshtml executed in 11.1565ms. [14:20:46 INF] Executed action Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController.Index (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared) in 16.2938ms [14:20:46 INF] Executed endpoint 'Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController.Index (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared)' [14:20:46 INF] Request finished HTTP/1.1 GET http://appmicro-blazor/Error?httpStatusCode=404 - - - 404 - text/html;+charset=utf-8 17.4042ms

  • 0
    gterdem created
    Support Team

    The screenshot does not contain enough information to troubleshoot the problem.

    Is this error from AuthServer or the blazor application? Can you also check the AuthServer logs? Trace the HTTP request please.

  • 0
    hakan.uskaner created

    the above log is from blazor. i did check the auth log. it does not contain any errors. i also tried to set Logging in Both Blazor and Server to Debug, but this doesn‘t seem to be regognized.

    i did also check the gateway logs and didn‘t found something.

    one thing to mention: the url ist https://appmicro-blazor/auth/login which fails with 500.

    Where can i enable debug logging (in auth module is already microsoft.idenity.. ShowPII added)

  • 0
    hakan.uskaner created

    To enable debug logging i needed to override the SerilogConfigurationHelper in Shared.Hosting.AspNetCore Project. Otherwise the modules doesn't use any setting so far from appsettings.json for logging.

    And i also removed the dbmigrator chart from the k8s folder, because it writes redirect uris in the DB with localhost setting, and i would like to be able to use both version (localhost and kubernetes). i will check the chart later.

    i did find that in the blazor server logs:

    [21:32:11 INF] Request starting HTTP/1.1 GET http://appmicro-blazor/account/login?returnUrl=https%3A%2F%2Fappmicro-blazor%2Fclients%2Foverview - - [21:32:11 DBG] The request is insecure. Skipping HSTS header. [21:32:11 DBG] The request path /account/login does not match a supported file type [21:32:11 DBG] 2 candidate(s) found for the request path '/account/login' [21:32:11 DBG] Endpoint 'AppMicro.Blazor.Controllers.AccountController.Login (AppMicro.Blazor)' with route pattern '{controller=Home}/{action=Index}/{id?}' is valid for the request path '/account/login' [21:32:11 DBG] Endpoint 'Fallback {*path:nonfile}' with route pattern '{*path:nonfile}' is valid for the request path '/account/login' [21:32:11 DBG] Request matched endpoint 'AppMicro.Blazor.Controllers.AccountController.Login (AppMicro.Blazor)' [21:32:11 DBG] AuthenticationScheme: Cookies was not authenticated. [21:32:11 INF] Executing endpoint 'AppMicro.Blazor.Controllers.AccountController.Login (AppMicro.Blazor)' [21:32:11 INF] Route matched with {action = "Login", controller = "Account", area = "", page = ""}. Executing controller action with signature Microsoft.AspNetCore.Mvc.ActionResult Login(System.String, System.String) on controller AppMicro.Blazor.Controllers.AccountController (AppMicro.Blazor). [21:32:11 DBG] Execution plan of authorization filters (in the following order): ["Volo.Abp.AspNetCore.Mvc.AntiForgery.AbpAutoValidateAntiforgeryTokenAuthorizationFilter"] [21:32:11 DBG] Execution plan of resource filters (in the following order): ["Microsoft.AspNetCore.Mvc.ViewFeatures.Filters.SaveTempDataFilter"] [21:32:11 DBG] Execution plan of action filters (in the following order): ["Microsoft.AspNetCore.Mvc.Filters.ControllerActionFilter (Order: -2147483648)", "Microsoft.AspNetCore.Mvc.ModelBinding.UnsupportedContentTypeFilter (Order: -3000)", "Volo.Abp.AspNetCore.Mvc.GlobalFeatures.GlobalFeatureActionFilter", "Volo.Abp.AspNetCore.Mvc.Auditing.AbpAuditActionFilter", "Volo.Abp.AspNetCore.Mvc.Response.AbpNoContentActionFilter", "Volo.Abp.AspNetCore.Mvc.Features.AbpFeatureActionFilter", "Volo.Abp.AspNetCore.Mvc.Validation.AbpValidationActionFilter", "Volo.Abp.AspNetCore.Mvc.Uow.AbpUowActionFilter"] [21:32:11 DBG] Execution plan of exception filters (in the following order): ["Volo.Abp.AspNetCore.Mvc.ExceptionHandling.AbpExceptionFilter"] [21:32:11 DBG] Execution plan of result filters (in the following order): ["Microsoft.AspNetCore.Mvc.ViewFeatures.Filters.SaveTempDataFilter"] [21:32:11 DBG] Executing controller factory for controller AppMicro.Blazor.Controllers.AccountController (AppMicro.Blazor) [21:32:11 DBG] Executed controller factory for controller AppMicro.Blazor.Controllers.AccountController (AppMicro.Blazor) [21:32:11 DBG] Attempting to bind parameter 'returnUrl' of type 'System.String' ... [21:32:11 DBG] Attempting to bind parameter 'returnUrl' of type 'System.String' using the name 'returnUrl' in request data ... [21:32:11 DBG] Done attempting to bind parameter 'returnUrl' of type 'System.String'. [21:32:11 DBG] Done attempting to bind parameter 'returnUrl' of type 'System.String'. [21:32:11 DBG] Attempting to validate the bound parameter 'returnUrl' of type 'System.String' ... [21:32:11 DBG] Done attempting to validate the bound parameter 'returnUrl' of type 'System.String'. [21:32:11 DBG] Attempting to bind parameter 'returnUrlHash' of type 'System.String' ... [21:32:11 DBG] Attempting to bind parameter 'returnUrlHash' of type 'System.String' using the name '' in request data ... [21:32:11 DBG] Could not find a value in the request with name '' for binding parameter 'returnUrlHash' of type 'System.String'. [21:32:11 DBG] Done attempting to bind parameter 'returnUrlHash' of type 'System.String'. [21:32:11 DBG] Done attempting to bind parameter 'returnUrlHash' of type 'System.String'. [21:32:11 DBG] Attempting to validate the bound parameter 'returnUrlHash' of type 'System.String' ... [21:32:11 DBG] Done attempting to validate the bound parameter 'returnUrlHash' of type 'System.String'. [21:32:11 ERR] Invalid RedirectUrl: https://appmicro-blazor/clients/overview, Use AppUrlProvider to configure it! [21:32:11 INF] Executing ChallengeResult with authentication schemes (["oidc"]). [21:32:11 INF] Executed action AppMicro.Blazor.Controllers.AccountController.Login (AppMicro.Blazor) in 6.3267ms [21:32:11 INF] Executed endpoint 'AppMicro.Blazor.Controllers.AccountController.Login (AppMicro.Blazor)' [21:32:11 ERR] An unhandled exception has occurred while executing the request. System.InvalidOperationException: IDX20803: Unable to obtain configuration from: 'https://appmicro-authserver/.well-known/openid-configuration'.  ---> System.IO.IOException: IDX20804: Unable to retrieve document from: 'https://appmicro-authserver/.well-known/openid-configuration'.  ---> System.Net.Http.HttpRequestException: Connection refused (appmicro-authserver:443)  ---> System.Net.Sockets.SocketException (111): Connection refused

    if open the url https://appmicro-authserver/.well-known/openid-configuration in webbrowser it works, but not within blazor

  • 0
    hakan.uskaner created

    if i change in value.yaml the blazorServerRootTUrl to http://appmicro-blazor/ i receive this error.

    I found in the authserver log:

    %20AdministrationService%20SaasService%20AppZeroService&response_mode=form_post&nonce=637948712035798269.MjRiMmYyNTItNDQyYy00OWRhLWJhNmQtNWE3OGFjYTZhYTIyNjk3NzQ0ZjItOTg4My00MDFiLTg4ZjgtZGVlY2Y1YzI4OWVm&state=CfDJ8Ci31Bln9K1LgZ-u_lDlpFK2SM2UsklmfHVnTbauFdVJF2gUeGsYOriyLE7XBaka3FfCPU2ZhOXgdpR-G4mft10a_L3JnE-5vO60SbzNcObPVZHtmIZYe-w5q1vNxEyAAM8e0mA5METBFXzq9lE3DRpRw8mACx2w4gdpcL1Thk0uP__9LHdJ6Pj7ac767jyBqdVpnLjjKGHCeSXuuM5JVGCRevYOKbRIkFj_Ese6EuEnb1_DnVIURGH7YHTeZCxoEpmOsVsDvwNnmGRqGzgwywaF0mqiKbumjNTaSVVx9ES5&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.10.0.0 - - [13:33:23 INF] Invoking IdentityServer endpoint: IdentityServer4.Endpoints.AuthorizeEndpoint for /connect/authorize [13:33:23 ERR] Invalid redirect_uri: http://appmicro-blazor/signin-oidc {"ClientId": "AppMicro_BlazorServer", "ClientName": "AppMicro_BlazorServer", "RedirectUri": null, "AllowedRedirectUris": ["https://appmicro-blazor/signin-oidc"], "SubjectId": "3a056698-126f-b069-f8f1-f8d1ee578f27", "ResponseType": null, "ResponseMode": null, "GrantType": null, "RequestedScopes": "", "State": null, "UiLocales": null, "Nonce": null, "AuthenticationContextReferenceClasses": null, "DisplayMode": null, "PromptMode": "", "MaxAge": null, "LoginHint": null, "SessionId": null, "Raw": {"client_id": "AppMicro_BlazorServer", "redirect_uri": "http://appmicro-blazor/signin-oidc", "response_type": "code id_token", "scope": "openid profile role email phone AccountService IdentityService AdministrationService SaasService AppZeroService", "response_mode": "form_post", "nonce": "637948712035798269.MjRiMmYyNTItNDQyYy00OWRhLWJhNmQtNWE3OGFjYTZhYTIyNjk3NzQ0ZjItOTg4My00MDFiLTg4ZjgtZGVlY2Y1YzI4OWVm", "state": "CfDJ8Ci31Bln9K1LgZ-u_lDlpFK2SM2UsklmfHVnTbauFdVJF2gUeGsYOriyLE7XBaka3FfCPU2ZhOXgdpR-G4mft10a_L3JnE-5vO60SbzNcObPVZHtmIZYe-w5q1vNxEyAAM8e0mA5METBFXzq9lE3DRpRw8mACx2w4gdpcL1Thk0uP__9LHdJ6Pj7ac767jyBqdVpnLjjKGHCeSXuuM5JVGCRevYOKbRIkFj_Ese6EuEnb1_DnVIURGH7YHTeZCxoEpmOsVsDvwNnmGRqGzgwywaF0mqiKbumjNTaSVVx9ES5", "x-client-SKU": "ID_NETSTANDARD2_0", "x-client-ver": "6.10.0.0"}, "$type": "AuthorizeRequestValidationLog"} [13:33:23 ERR] Request validation failed

    But if i look into the db i only see the urls as https:

    What i am missing ?

    if blazorServerRootTUrl is https i get the error before this post.

    i also tried without luck to add this for selfsigned certs to AddAuthentication :

    // Added for selfsigend certificate options.BackchannelHttpHandler = new HttpClientHandler { ServerCertificateCustomValidationCallback = delegate { return true; } };

  • 0
    gterdem created
    Support Team

    I couldn't reach your openid-configuration endpoint at 'https://appmicro-authserver/.well-known/openid-configuration'.

    Can you check if the issuer is https://appmicro-authserver (HTTPS)?

    If not, you can update your AuthServer with:

    Configure<IdentityServerOptions>(options => { 
        options.IssuerUri = configuration["App:SelfUrl"]; 
    });
    

    and set both AuthServer and Blazor-Server AuthServer configuration in values.yaml file as:

    authServer:
          authority: https://appmicro-authserver
          requireHttpsMetadata: "false"
    
  • 0
    hakan.uskaner created

    Hi,

    AuthServer and BlazorServer is set to:

    authServer: authority: https://appmicro-authserver requireHttpsMetadata: "false"

    Blazor values look like this:

    and i also added like you suggestet to the authserver module the IssuerUrl. ALL URLS IN VALUES.YAML ARE HTTPS (expect redis /rabbitmq/ elasticsearch). For identityserver blazorServerRootUrl: is https://appmicro-blazor/

    But not difference so far. Still receive 500 error.

    In my auth log i now only find:

    Executed page /Account/Login in 1353.6891ms [15:39:43 INF] Executed endpoint '/Account/Login' [15:39:43 INF] Request finished HTTP/1.1 GET http://appmicro-authserver/Account/Login - - - 200 - text/html;+charset=utf-8 1381.6307ms [15:39:43 INF] Request starting HTTP/1.1 GET http://appmicro-authserver/__bundles/Lepton.Global.ADD5F01D11E6ABD793872CD20AFE07ED.css?_v=637949651827613373 - - [15:39:43 INF] Request starting HTTP/1.1 GET http://appmicro-authserver/__bundles/Lepton.Global.9A9449B4A1BEC7DF689B1E3C3552F66F.js?_v=637949651832455046 - - [15:39:43 INF] Request starting HTTP/1.1 GET http://appmicro-authserver/Abp/ApplicationConfigurationScript - - [15:39:43 INF] Identity.Application was not authenticated. Failure message: Unprotect ticket failed [15:39:43 INF] Identity.Application was not authenticated. Failure message: Unprotect ticket failed [15:39:43 INF] Identity.Application was not authenticated. Failure message: Unprotect ticket failed [15:39:43 INF] Executing endpoint 'Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationScriptController.Get (Volo.Abp.AspNetCore.Mvc)' [15:39:43 INF] Sending file. Request path: '/__bundles/Lepton.Global.9A9449B4A1BEC7DF689B1E3C3552F66F.js'. Physical path: 'N/A' [15:39:43 INF] Sending file. Request path: '/__bundles/Lepton.Global.ADD5F01D11E6ABD793872CD20AFE07ED.css'. Physical path: 'N/A' [15:39:43 INF] Request finished HTTP/1.1 GET http://appmicro-authserver/__bundles/Lepton.Global.9A9449B4A1BEC7DF689B1E3C3552F66F.js?_v=637949651832455046 - - - 200 741933 application/javascript 14.5566ms [15:39:43 INF] Request finished HTTP/1.1 GET http://appmicro-authserver/__bundles/Lepton.Global.ADD5F01D11E6ABD793872CD20AFE07ED.css?_v=637949651827613373 - - - 200 507577 text/css 14.9447ms [15:39:43 INF] Route matched with {area = "Abp", action = "Get", controller = "AbpApplicationConfigurationScript", page = ""}. Executing controller action with signature System.Threading.Tasks.Task`1[Microsoft.AspNetCore.Mvc.ActionResult] Get() on controller Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationScriptController (Volo.Abp.AspNetCore.Mvc). [15:39:43 INF] Request starting HTTP/1.1 GET http://appmicro-authserver/Abp/ServiceProxyScript - - [15:39:43 INF] Identity.Application was not authenticated. Failure message: Unprotect ticket failed [15:39:43 INF] Identity.Application was not authenticated. Failure message: Unprotect ticket failed [15:39:43 INF] Identity.Application was not authenticated. Failure message: Unprotect ticket failed [15:39:43 DBG] Executing AbpApplicationConfigurationAppService.GetAsync()... [15:39:43 INF] Executing endpoint 'Volo.Abp.AspNetCore.Mvc.ProxyScripting.AbpServiceProxyScriptController.GetAll (Volo.Abp.AspNetCore.Mvc)' [15:39:43 INF] Route matched with {area = "Abp", action = "GetAll", controller = "AbpServiceProxyScript", page = ""}. Executing controller action with signature Microsoft.AspNetCore.Mvc.ActionResult GetAll(Volo.Abp.AspNetCore.Mvc.ProxyScripting.ServiceProxyGenerationModel) on controller Volo.Abp.AspNetCore.Mvc.ProxyScripting.AbpServiceProxyScriptController (Volo.Abp.AspNetCore.Mvc).

    i couldn't find an entry in identity server. In blazor-server log i find again:

    15:39:47 INF] Executed endpoint 'AppMicro.Blazor.Controllers.AccountController.Login (AppMicro.Blazor)' [15:39:47 ERR] An unhandled exception has occurred while executing the request. System.InvalidOperationException: IDX20803: Unable to obtain configuration from: 'https://appmicro-authserver/.well-known/openid-configuration'. ** ---> System.IO.IOException: IDX20804: Unable to retrieve document from: 'https://appmicro-authserver/.well-known/openid-configuration'. ---> System.Net.Http.HttpRequestException: Connection refused (appmicro-authserver:443) ---> System.Net.Sockets.SocketException (111): Connection refused**

    or same error on public-web log: 15:39:59 INF] Executed action AppMicro.PublicWeb.Controllers.AccountController.Login (AppMicro.PublicWeb) in 17.2707ms [15:39:59 INF] Executed endpoint 'AppMicro.PublicWeb.Controllers.AccountController.Login (AppMicro.PublicWeb)' [15:39:59 ERR] An unhandled exception has occurred while executing the request. System.InvalidOperationException: IDX20803: Unable to obtain configuration from: 'System.String'. ---> System.IO.IOException: IDX20804: Unable to retrieve document from: 'System.String'. ---> System.Net.Http.HttpRequestException: Connection refused (appmicro-authserver:443) ---> System.Net.Sockets.SocketException (111): Connection refused

  • 0
    hakan.uskaner created

    It would be great if we just could make a teams meeting, where you can take a direct look at my code. I could invite you, if you want. This problem currently pervents my collegues from getting started with our planned tests. So i need to fix this soon.

    the benefit for you could be that i would like to share all changes it did so for on the k8s charts. you could use them to speed up deployment for the new version for kubernetes. i would be happy to share that with you (at least the contain a working blazor part :-)

    <br>

  • 0
    gterdem created
    Support Team

    Would you mind to mail to [email protected] so we can try to schedule an online meeting.