Activities of "john@togarrach.co.uk"
"Can you use AzureSignalR during local development?" - if you mean can we see our azure signalr connection happening - then yes. What we are not seeing is the authorization being resolved (i.e. as per this) - unfortunately, whatever solved that issue (assuming it was your AbpSignalRFilter) is not resolving ours. It would also be good to know how you managed to test that (i.e. to produce this) without using AzureSignalR.
Instead, could you point us at a working example that uses AzureSignalR, IdentityServer4 and Blazor Server. This might help us to find the issue without any associated loss of security. We don't mind if you use placeholders for secrets etc. in the example, but we haven't been able to find one online even though this must be something that is a requirement for anyone using this setup and deploying to Azure. We followed the docs to the letter. We have a suspicion it's possibly something missing in configuration. As Dave mentioned - the app works fine locally. I have emailed you with the link to the azure configuration
I think it would be good if you could just point us in the direction of an example that does what we're trying to achieve. I'm sure we're not the only team wanting to do this.
So did you mean this:
which was something we already had?
Adding the code suggested gets us here:
did you receive my email?
I've added a repo and invited you The repo does not include the changes I mentioned above - I.e it is only local logon via identity server at the moment - default admin password can be found in Source\Core\SupplierPortal.Domain\SupplierPortalConsts.cs
Perhaps it should fit - i.e. the framework should compare the local user's email with that of the azure user, and we know that claim is certainly available - but it does not appear to be working. Obviously this implies we are missing some step that relates those two.
Would it be possible to arrange an online session to discuss our problem with someone familiar with this scenario?.
Failing that - and anyway - is there an example of using OpenIddict with Blazor Server (Tiered) to achieve single sign on with Azure Ad - as release 6.0 is due real soon it would make sense for us at this stage of development to go that route - but only if it works.
Hi maliming, Firstly, thanks for responding.
We have a blazor server tiered solution using identity server for authentication. It works fine when using local login and we are trying to implement single sign on through Azure so our customers will not need to login in if they are already signed in through their own AD.
We have not been able to achieve this. We have used as our baseline the example given here, I.e. we have set up the Azure end as described in that article, We understand that article was addressing MVC (we couldn't find any equivalent for blazor server) so the part of the article that addresses changes to the ABP web Application threw us as we don't have Pages in our Api.Host. We added the required code to the api host, we can login via azure, but because there is no relationship between our abp users and our azure users we are not authorizing which of course means our menus are incorrect and our API calls are being bounced. Are there any examples of adding single sign on for blazor server (and identity server). We're quite willing to go to OpenIddict (seems sensible as this point), but we'd obviously then be in a similar boat (we tried it actually), so is there an example for adding OpenIddict for Azure single sign on to an existin blazor server app?
Our solution structure looks like this:
- ABP Framework version: v6.0.0 rc3
- UI type: Blazor (server)
- DB provider: EF Core
- Tiered (MVC) or Identity Server Separated (Angular): no
- Exception message and stack trace:
- { "code": null, "message": "'<' is an invalid start of a value. Path: $ | LineNumber: 1 | BytePositionInLine: 0.", "details": null, "data": {}, "validationErrors": null }
2022-08-30 13:16:12.101 +01:00 [WRN] '<' is an invalid start of a value. Path: $ | LineNumber: 1 | BytePositionInLine: 0. Volo.Abp.UserFriendlyException: '<' is an invalid start of a value. Path: $ | LineNumber: 1 | BytePositionInLine: 0. at Volo.Abp.Suite.Controllers.AbpSuiteController.AddModuleAsync(AddModuleInput input) at lambda_method1917(Closure , Object ) at Microsoft.AspNetCore.Mvc.Infrastructure.ActionMethodExecutor.AwaitableObjectResultExecutor.Execute(IActionResultTypeMapper mapper, ObjectMethodExecutor executor, Object controller, Object[] arguments) at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeActionMethodAsync>g__Awaited|12_0(ControllerActionInvoker invoker, ValueTask`1 actionResultValueTask) at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.
- Steps to reproduce the issue:" OpenIddict - either attempt to download source code or replace packages with source
