Activities of "hitaspdotnet"

hi

You can check this: https://github.com/abpframework/abp/issues/4977#issuecomment-670006297

Add your TelegramExternalLoginProvider

let me try to be clearer. this is a telegram web application. as you see, telegram user already detected. I used same algorithm but client side (nextjs - react). I need to authorize these users and their permissions in backend. telegram web app has force dependency to telegram bot, so we have to create a bot if we want to launch a telegram web app. so, I decided to mark bots as our tenants and app's users as tenant users. I created a custom tenant resolver to get bot ID from request. Also, I created a custom grant_type and I added it to bot client's scops to accept requests from the bot. I need an endpoint to post data: auth_data, id, hash and get token to store it in the client storage and making queries to the API using this token based on their permissions. if received data is valid but requester user is not existed in ABP user db then should create it with default role and not be rejected, then generate and send token.

I also have a criticism; I have been a fan of ABP team since ZERO and have always followed your work because of my interest in your team. But the support forum is more like GitHub issue and only the bugs of the framework itself are well supported.

For points 3 and 4 we do not have Domain, Application Contracts and Test solutions in Microservice template. So I am not sure whether do I put them?

If it's a ABP Studio template ABP Studio's microservice template has single layer services (actually two layers: host and contracts but they named it single layer), it's designed to host modules. you should create your own modules and add their dependencies to the related services: YourModule.Application.Contracts -> YourService.Contracts YourModule.[DB_PROVIDER] & YourModule.HttpApi & YourModule.Application -> YourService YourService.Contracts & YourModule.HttpApi.Client & YourModule.Web -> apps/web

Also when creating the project using microservice template , I am getting many errors while opening the project.

you should build your solution via abp studio or run this command in these folders apps/authserver + apps/web + apps/public dotnet build /graphbuild

• MOVED FROM: here
• ABP Framework version: v8.1.0
• UI Type: MVC
• Database System: MongoDB
• Tiered (for MVC) or Auth Server Separated (for Angular): yes/ ABP Studio Microservice
• Exception message and full stack trace: N/A
• Steps to reproduce the issue: N/A

Hi dear support team. I need a custom authorization flow on my ABP application please guide me. I am very confused.

I have a web application that is hosted by Telegram Web App. This is a React application implemented in NextJS. The only thing I have access to is the token that Telegram produces. It gives me a hash string and its decryption key to validate that this request was sent by a user in Telegram. I want to auto-register every user who opened my Telegram app if they are not registered before. After confirming the token sent by Telegram, which has a userId, create a user with their Telegram ID as username and give them default roles. I also want users to access their account on the dashboard, which is the ABP admin web, without the need for a password using the Telegram Login widget, it has the same algorithm and I want to authenticate users using telegram token. What is the best flow I can use to handle this in ABP Studio MS Template (openid) please?

here is an overview of the data I can use to validate request:

using System;
using System.Text;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Linq;


namespace Telegram
{
    /// <summary>
    /// A helper class used to verify authorization data
    /// </summary>
    public class LoginWidget : IDisposable
    {
        /// <summary>
        /// How old (in seconds) can authorization attempts be to be considered valid (compared to the auth_date field)
        /// </summary>
        public long AllowedTimeOffset = 30;

        private bool _disposed = false;
        private readonly HMACSHA256 _hmac;
        private static readonly DateTime _unixStart = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);

        /// <summary>
        /// Construct a new <see cref="LoginWidget"/> instance
        /// </summary>
        /// <param name="token">The bot API token used as a secret parameter when checking authorization</param>
        public LoginWidget(string token)
        {
            if (token == null) throw new ArgumentNullException(nameof(token));

            using (SHA256 sha256 = SHA256.Create())
            {
                _hmac = new HMACSHA256(sha256.ComputeHash(Encoding.ASCII.GetBytes(token)));
            }
        }

        /// <summary>
        /// Checks whether the authorization data received from the user is valid
        /// </summary>
        /// <param name="fields">A collection containing query string fields as sorted key-value pairs</param>
        /// <returns></returns>
        public Authorization CheckAuthorization(SortedDictionary<string, string> fields)
        {
            if (_disposed) throw new ObjectDisposedException(nameof(LoginWidget));
            if (fields == null) throw new ArgumentNullException(nameof(fields));
            if (fields.Count < 3) return Authorization.MissingFields;

            if (!fields.ContainsKey(Field.Id) ||
                !fields.TryGetValue(Field.AuthDate, out string authDate) ||
                !fields.TryGetValue(Field.Hash, out string hash)
            ) return Authorization.MissingFields;

            if (hash.Length != 64) return Authorization.InvalidHash;

            if (!long.TryParse(authDate, out long timestamp))
                return Authorization.InvalidAuthDateFormat;

            if (Math.Abs(DateTime.UtcNow.Subtract(_unixStart).TotalSeconds - timestamp) > AllowedTimeOffset)
                return Authorization.TooOld;

            fields.Remove(Field.Hash);
            StringBuilder dataStringBuilder = new StringBuilder(256);
            foreach (var field in fields)
            {
                if (!string.IsNullOrEmpty(field.Value))
                {
                    dataStringBuilder.Append(field.Key);
                    dataStringBuilder.Append('=');
                    dataStringBuilder.Append(field.Value);
                    dataStringBuilder.Append('\n');
                }
            }
            dataStringBuilder.Length -= 1; // Remove the last \n

            byte[] signature = _hmac.ComputeHash(Encoding.UTF8.GetBytes(dataStringBuilder.ToString()));

            // Adapted from: https://stackoverflow.com/a/14333437/6845657
            for (int i = 0; i < signature.Length; i++)
            {
                if (hash[i * 2] != 87 + (signature[i] >> 4) + ((((signature[i] >> 4) - 10) >> 31) & -39)) return Authorization.InvalidHash;
                if (hash[i * 2 + 1] != 87 + (signature[i] & 0xF) + ((((signature[i] & 0xF) - 10) >> 31) & -39)) return Authorization.InvalidHash;
            }

            return Authorization.Valid;
        }

        /// <summary>
        /// Checks whether the authorization data received from the user is valid
        /// </summary>
        /// <param name="fields">A collection containing query string fields as key-value pairs</param>
        /// <returns></returns>
        public Authorization CheckAuthorization(Dictionary<string, string> fields)
        {
            if (fields == null) throw new ArgumentNullException(nameof(fields));
            return CheckAuthorization(new SortedDictionary<string, string>(fields, StringComparer.Ordinal));
        }

        /// <summary>
        /// Checks whether the authorization data received from the user is valid
        /// </summary>
        /// <param name="fields">A collection containing query string fields as key-value pairs</param>
        /// <returns></returns>
        public Authorization CheckAuthorization(IEnumerable<KeyValuePair<string, string>> fields) =>
            CheckAuthorization(fields?.ToDictionary(f => f.Key, f => f.Value, StringComparer.Ordinal));

        /// <summary>
        /// Checks whether the authorization data received from the user is valid
        /// </summary>
        /// <param name="fields">A collection containing query string fields as key-value pairs</param>
        /// <returns></returns>
        public Authorization CheckAuthorization(IEnumerable<Tuple<string, string>> fields) =>
            CheckAuthorization(fields?.ToDictionary(f => f.Item1, f => f.Item2, StringComparer.Ordinal));

        public void Dispose()
        {
            if (!_disposed)
            {
                _disposed = true;
                _hmac?.Dispose();
            }
        }

        private static class Field
        {
            public const string AuthDate = "auth_date";
            public const string Id = "id";
            public const string Hash = "hash";
        }
    }
    
    public enum Authorization
    {
        InvalidHash,
        MissingFields,
        InvalidAuthDateFormat,
        TooOld,
        Valid
    }
}

Based on docs, thanks to design I'm going with extra modules for this for best practice, and we keep the modules upgradable. we'll try to replace related services.

• ABP Framework version: 8.1
• UI Type: MVC
• Database System: MongoDB
• Tiered (for MVC) or Auth Server Separated (for Angular): yes/ ABP Studio Microservice Template

Hi dear support team. I want to extend IdentityUser using modules source code and add ability to register via socialNetwork ID and the socialNetwork auth token. They should be able to login outside of the social network and manage their data on the web client. Also, I want to use the social network username as their IdentityUser.Username to use it as user finder. I think module extending system can't help us because we also need to add extra claims and custom grant type for openiddict based on these data.

IdentityUser.Username: SocialUserName //string // static // changeable via social_auth_token (if they change their username) IdentityUser.SocialUserId: SocialUserID //long // static IdentityUser.IsBot: SocialUserIsBot // bool IdentityUser.IsPremium: SocialUserIsPremium // bool

please I request you, guide me, what should I pay attention to when I added these new properties to the IdentityUser and if there is an article about doing these things step by step, please share with me. Thank you.

P.S: My project's module references (free & pro) are locally but framework is nuget package reference.

I think it's a cli bug:

PS D:\github\modules\abp> abp get-source Volo.Abp.LeptonXTheme.Pro --output-folder "leptonX-theme-pro" --preview
ABP CLI 8.1.0-rc.1
Downloading source code of Volo.Abp.LeptonXTheme.Pro (Latest)
Output folder: D:\github\modules\abp\leptonX-theme-pro
The latest template version (3.1.0-rc.1) is different than the CLI version (8.1.0-rc.1). This may cause compatibility issues.
Please upgrade/downgrade the CLI version to the template version.
> dotnet tool uninstall -g volo.abp.cli
> dotnet tool install -g volo.abp.cli --version 3.1.0-rc.1
There is no version found with given version: 8.1.0-rc.1
System.Exception: There is no version found with given version: 8.1.0-rc.1
   at Volo.Abp.Cli.ProjectBuilding.AbpIoSourceCodeStore.GetAsync(String name, String type, String version, String templateSource, Boolean includePreReleases, Boolean skipCache, Boolean trustUserVersion) in D:\ci\Jenkins\workspace\abp-volo-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\ProjectBuilding\AbpIoSourceCodeStore.cs:line 156
   at Volo.Abp.Cli.ProjectBuilding.ModuleProjectBuilder.BuildAsync(ProjectBuildArgs args) in D:\ci\Jenkins\workspace\abp-volo-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\ProjectBuilding\ModuleProjectBuilder.cs:line 48
   at Volo.Abp.Cli.Commands.Services.SourceCodeDownloadService.DownloadModuleAsync(String moduleName, String outputFolder, String version, String gitHubAbpLocalRepositoryPath, String gitHubVoloLocalRepositoryPath, AbpCommandLineOptions options) in D:\ci\Jenkins\workspace\abp-volo-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\Commands\Services\SourceCodeDownloadService.cs:line 39
   at Volo.Abp.Cli.Commands.GetSourceCommand.ExecuteAsync(CommandLineArgs commandLineArgs) in D:\ci\Jenkins\workspace\abp-volo-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\Commands\GetSourceCommand.cs:line 59
   at Volo.Abp.Cli.CliService.RunInternalAsync(CommandLineArgs commandLineArgs) in D:\ci\Jenkins\workspace\abp-volo-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\CliService.cs:line 173
   at Volo.Abp.Cli.CliService.RunAsync(String[] args) in D:\ci\Jenkins\workspace\abp-volo-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\CliService.cs:line 80
Unhandled exception. System.Exception: There is no version found with given version: 8.1.0-rc.1
   at Volo.Abp.Cli.ProjectBuilding.AbpIoSourceCodeStore.GetAsync(String name, String type, String version, String templateSource, Boolean includePreReleases, Boolean skipCache, Boolean trustUserVersion) in D:\ci\Jenkins\workspace\abp-volo-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\ProjectBuilding\AbpIoSourceCodeStore.cs:line 156
   at Volo.Abp.Cli.ProjectBuilding.ModuleProjectBuilder.BuildAsync(ProjectBuildArgs args) in D:\ci\Jenkins\workspace\abp-volo-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\ProjectBuilding\ModuleProjectBuilder.cs:line 48
   at Volo.Abp.Cli.Commands.Services.SourceCodeDownloadService.DownloadModuleAsync(String moduleName, String outputFolder, String version, String gitHubAbpLocalRepositoryPath, String gitHubVoloLocalRepositoryPath, AbpCommandLineOptions options) in D:\ci\Jenkins\workspace\abp-volo-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\Commands\Services\SourceCodeDownloadService.cs:line 39
   at Volo.Abp.Cli.Commands.GetSourceCommand.ExecuteAsync(CommandLineArgs commandLineArgs) in D:\ci\Jenkins\workspace\abp-volo-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\Commands\GetSourceCommand.cs:line 59
   at Volo.Abp.Cli.CliService.RunInternalAsync(CommandLineArgs commandLineArgs) in D:\ci\Jenkins\workspace\abp-volo-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\CliService.cs:line 173
   at Volo.Abp.Cli.CliService.RunAsync(String[] args) in D:\ci\Jenkins\workspace\abp-volo-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\CliService.cs:line 80
   at Volo.Abp.Cli.Program.Main(String[] args) in D:\ci\Jenkins\workspace\abp-volo-release\abp\framework\src\Volo.Abp.Cli\Volo\Abp\Cli\Program.cs:line 43
   at Volo.Abp.Cli.Program.<Main>(String[] args)

also with fixed version:

PS D:\github\modules\abp> abp get-source Volo.Abp.LeptonXTheme.Pro --output-folder "leptonX-theme-pro" --version 3.1.0-rc.1
ABP CLI 8.1.0-rc.1
Downloading source code of Volo.Abp.LeptonXTheme.Pro (v3.1.0-rc.1)
Output folder: D:\github\modules\abp\leptonX-theme-pro
The specified template version (3.1.0-rc.1) is different than the CLI version (8.1.0-rc.1). This may cause compatibility issues.
Please upgrade/downgrade the CLI version to the template version.
> dotnet tool uninstall -g volo.abp.cli
> dotnet tool install -g volo.abp.cli --version 3.1.0-rc.1
We have changed the template version as the cli version.
New version: 8.1.0-rc.1
There is no version found with given version: 8.1.0-rc.1
System.Exception: There is no version found with given version: 8.1.0-rc.1
   at Volo.Abp.Cli.ProjectBuilding.AbpIoSourceCodeStore.GetAsync(String name, String type, String version, String templateSource, Boolean includePreReleases, Boolean skipCache, Boolean trustUserVersion) in D:\ci\Jenkins\workspace\abp-volo-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\ProjectBuilding\AbpIoSourceCodeStore.cs:line 156
   at Volo.Abp.Cli.ProjectBuilding.ModuleProjectBuilder.BuildAsync(ProjectBuildArgs args) in D:\ci\Jenkins\workspace\abp-volo-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\ProjectBuilding\ModuleProjectBuilder.cs:line 48
   at Volo.Abp.Cli.Commands.Services.SourceCodeDownloadService.DownloadModuleAsync(String moduleName, String outputFolder, String version, String gitHubAbpLocalRepositoryPath, String gitHubVoloLocalRepositoryPath, AbpCommandLineOptions options) in D:\ci\Jenkins\workspace\abp-volo-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\Commands\Services\SourceCodeDownloadService.cs:line 39
   at Volo.Abp.Cli.Commands.GetSourceCommand.ExecuteAsync(CommandLineArgs commandLineArgs) in D:\ci\Jenkins\workspace\abp-volo-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\Commands\GetSourceCommand.cs:line 59
   at Volo.Abp.Cli.CliService.RunInternalAsync(CommandLineArgs commandLineArgs) in D:\ci\Jenkins\workspace\abp-volo-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\CliService.cs:line 173
   at Volo.Abp.Cli.CliService.RunAsync(String[] args) in D:\ci\Jenkins\workspace\abp-volo-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\CliService.cs:line 80
Unhandled exception. System.Exception: There is no version found with given version: 8.1.0-rc.1
   at Volo.Abp.Cli.ProjectBuilding.AbpIoSourceCodeStore.GetAsync(String name, String type, String version, String templateSource, Boolean includePreReleases, Boolean skipCache, Boolean trustUserVersion) in D:\ci\Jenkins\workspace\abp-volo-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\ProjectBuilding\AbpIoSourceCodeStore.cs:line 156
   at Volo.Abp.Cli.ProjectBuilding.ModuleProjectBuilder.BuildAsync(ProjectBuildArgs args) in D:\ci\Jenkins\workspace\abp-volo-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\ProjectBuilding\ModuleProjectBuilder.cs:line 48
   at Volo.Abp.Cli.Commands.Services.SourceCodeDownloadService.DownloadModuleAsync(String moduleName, String outputFolder, String version, String gitHubAbpLocalRepositoryPath, String gitHubVoloLocalRepositoryPath, AbpCommandLineOptions options) in D:\ci\Jenkins\workspace\abp-volo-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\Commands\Services\SourceCodeDownloadService.cs:line 39
   at Volo.Abp.Cli.Commands.GetSourceCommand.ExecuteAsync(CommandLineArgs commandLineArgs) in D:\ci\Jenkins\workspace\abp-volo-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\Commands\GetSourceCommand.cs:line 59
   at Volo.Abp.Cli.CliService.RunInternalAsync(CommandLineArgs commandLineArgs) in D:\ci\Jenkins\workspace\abp-volo-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\CliService.cs:line 173
   at Volo.Abp.Cli.CliService.RunAsync(String[] args) in D:\ci\Jenkins\workspace\abp-volo-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\CliService.cs:line 80
   at Volo.Abp.Cli.Program.Main(String[] args) in D:\ci\Jenkins\workspace\abp-volo-release\abp\framework\src\Volo.Abp.Cli\Volo\Abp\Cli\Program.cs:line 43
   at Volo.Abp.Cli.Program.<Main>(String[] args)

wow, what is this?

Please upgrade/downgrade the CLI version to the template version. We have changed the template version as the cli version.

when I want to download a fixed version why does CLI decide to change the version? Is this a joke from the development team? so remove the --version flag because it's useless anymore. wow. This is very unexpected from your team

You can try to customize the LocalReferenceConverter to skip for the framework. Then build a local dotnet global tool and install and use it.

Thank you. I'm working on it. However, it can be useful if we had a switch for it abp switch-to-local --skip-framework

Is there a way to replace modules (PRO & FREE) with source code but keep framework? I want to do this inside CI, so manually change can't help. I have tried switch-to-local --paths "path\to\pro\free\modules\" with batch get-source for all modules. but didn't work for framework references inside free modules. My CI has +1K package conflict error with netstandard2.0 on my solution when I trying to graph build my project with local framework reference: conflict System.Runtime 5.x and System.Runtime 8.x inside every proj has reference to Volo.Abp.Core Why do we still have the netstandard2.0? I have tried -p:TargetFramework=net8.0 and didn't help

Browse component is not scrollable and this is a problem with long lists

OK. I found the error. TagAppService is only implemented in public package but used in admin package.

as workaround, We also need to add the CmsKitProPublicHttpApiClientModule to the web but I am waiting for a response, maybe a better way will be suggested from the team.