Activities of "mgurer"

thanks.. it helps..

Well, I have checked the code. The value of context.returnurl is URL-encoded, so the related regex expressions never work as expected. There is an issue there.

Furthermore, if the regex gets fixed, it will not work either, at least for my case, because returnurl contains the original return_uri (double-encoded), and when we alter the return_uri by replacing culture params, there is an inner security check that expects return_uri not to be altered, which throws an error indicating that the uri is altered. This check is part of the authorization code flow, and makes sense. Otherwise someone in the middle could alter the return_url and take control.

So, I guess I need to alter return_uri just before the redirection so that the return_uri security checks pass.

public virtual Task ReplaceAsync(QueryStringCultureReplacementContext context)
{
    if (!string.IsNullOrWhiteSpace(context.ReturnUrl))
    {
        if (context.ReturnUrl.Contains("culture=", StringComparison.OrdinalIgnoreCase) &&
            context.ReturnUrl.Contains("ui-Culture=", StringComparison.OrdinalIgnoreCase))
        {
            context.ReturnUrl = Regex.Replace(
                context.ReturnUrl,
                "culture=[A-Za-z-]+",
                $"culture={context.RequestCulture.Culture}",
                RegexOptions.Compiled | RegexOptions.IgnoreCase);

            context.ReturnUrl = Regex.Replace(
                context.ReturnUrl,
                "ui-culture=[A-Za-z-]+",
                $"ui-culture={context.RequestCulture.UICulture}",
                RegexOptions.Compiled | RegexOptions.IgnoreCase);
        }
    }

    return Task.CompletedTask;
}
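
The encoding problem described in the post above, reproduced as an added example (not part of the original post and not ABP's own code). The class name, the sample URL and the single `Uri.EscapeDataString` call used to model the encoded `ReturnUrl` are assumptions made for illustration.

```csharp
using System;
using System.Text.RegularExpressions;
using System.Web;

public static class ReturnUrlCultureDemo
{
    // Same pattern and options as the first Regex.Replace call in ReplaceAsync.
    // "culture=" is also a substring of "ui-culture=", so both parameters match it.
    static string ReplaceCulture(string url, string culture) =>
        Regex.Replace(url, "culture=[A-Za-z-]+", $"culture={culture}",
            RegexOptions.Compiled | RegexOptions.IgnoreCase);

    // Reads redirect_uri from a "/path?query" string (ParseQueryString decodes it once).
    static string RedirectUri(string pathAndQuery) =>
        HttpUtility.ParseQueryString(
            pathAndQuery.Substring(pathAndQuery.IndexOf('?') + 1))["redirect_uri"];

    public static void Main()
    {
        // Constructed sample: the inner authorize request with an encoded redirect_uri.
        const string inner = "/connect/authorize?client_id=demo_client" +
            "&redirect_uri=https%3A%2F%2Fmyuiapp%2Fcallback&culture=en&ui-culture=en";

        // Assumption: ReturnUrl arrives percent-encoded once more, so "=" is "%3D"
        // and the redirect_uri inside it is double-encoded.
        string returnUrl = Uri.EscapeDataString(inner);

        // The guard looks for a literal "culture=", which the encoded value lacks.
        bool guard = returnUrl.Contains("culture=", StringComparison.OrdinalIgnoreCase);
        // Even without the guard, the pattern finds nothing to replace.
        bool noOp = ReplaceCulture(returnUrl, "tr") == returnUrl;
        Console.WriteLine($"guard sees 'culture=' in encoded value: {guard}");
        Console.WriteLine($"regex leaves encoded value unchanged: {noOp}");

        // Decoding one level exposes the parameters to the pattern.
        string decoded = Uri.UnescapeDataString(returnUrl);
        string rewritten = ReplaceCulture(decoded, "tr");
        Console.WriteLine($"after decode + replace: {rewritten}");

        // A culture rewrite should leave redirect_uri byte-for-byte identical;
        // an ordinal comparison before and after makes that explicit.
        bool same = string.Equals(RedirectUri(decoded), RedirectUri(rewritten),
            StringComparison.Ordinal);
        Console.WriteLine($"redirect_uri unchanged by culture rewrite: {same}");
    }
}
```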

Hi,

Thanks. This resolves half of my problem. Now I can control the language of Auth-Server.

The second part of my question still needs to be answered?

When I change the UI language on Auth-Server, how can I transfer this info back to the original calling UI? The login process completes by redirecting back to the redirect_url parameter passed to auth-server from the calling UI app. I need to manipulate this redirect_url before actually redirecting to it.

Here is an example;

  • https://authserverul/connect/authorize?response_type=code&client_id=psp_swagger_client&redirect_uri=https%3A%2F%2Fmyuiapp%2Fswagger%2Foauth2-redirect.html&scope=AccountService&state=V2VkIE5vdiAyOSAyMDIzIDA5OjM5OjA1IEdNVCswMzAwIChHTVQrMDM6MDAp&culture=en-EN&ui-culture=en-EN This opens authserverurl and has a redirect_uri in it. Authserver redirects back to this redirect_uri. I need to add ui-culture info into this redirect_uri so that the calling UI app can detect the UI-language selection change that occurred in the auth-server site.
  • ABP Framework version: v7.4.1
  • UI Type: Blazor
  • Database System: PostgreSQL
  • Tiered (for MVC) or Auth Server Separated (for Angular): yes
  • Exception message and full stack trace:
  • Steps to reproduce the issue: Hello, I have a Vue client app and I use authserver with the authorization_code flow to authenticate my users. I want to synchronise the active language between these apps. I want to pass the active language code to authserver and set the current language, and also, when I switch the active language on the authserver side, I want to transfer the new language to the Vue app after authentication completes. Maybe I may add an extra parameter to the redirect url, but I could not figure out how to do that. Can you help with that? This synchronisation issue also exists between the built-in Blazor UI app and auth-server too. Thanks.

Thanks

Check the samples, to see the basic tasks: https://docs.abp.io/en/commercial/latest/samples/index The exact solution to your question may have been answered before, please use the search on the homepage.

If you're creating a bug/problem report, please include followings:

  • ABP Framework version: v7.3.2
  • UI type: Blazor
  • DB provider: EF Core
  • Tiered (MVC) or Identity Server Separated (Angular): yes
  • Exception message and stack trace:
  • Steps to reproduce the issue: Hello, when a multitenant entity is saved, the tenantId property is automatically set to the current user's tenantId value. If I manually set the tenantId property of the entity to a predefined one, the framework does not change the value. I would like to see the source code of that behavior. I downloaded the source code and tried to find the code of that mechanism, but could not figure out the related code. Can you please tell me where to look? I want to see the related code. Thanks.

Hi,

I have tested tenant header using Postman.

I figured out that postman adds a header named cookie.

This header also includes a field named __tenant which stores the last successfully gathered tenantid.

This header is hidden by default on the postman app, which you can not figure out easily.

When I remove my very own __tenant header, Postman keeps adding the hidden header to the request which results as the strange behaviour that I already told before.

So, there is no problem with ABP but the test tool POSTMAN.

Below you can see header named Cookie added by the tool.

Hi again. I tested the __tenant header. Here are my test results;

1 - I have created new tenant named "Test" with admin password 1.

2 - I set __tenant header to "Test" and username to admin and password to 1 and successfully received the access token.

3 - I removed the __tenant header, and reposted the last payload with password 1 and still got the access token. (on host site admin password is 1q2w3E*). When I look into the access_token, I still see the tenantId claim set. This behaviour is suspicious.

4 - I set __tenant header to "XX" and password to 1 and result was a warning about missing tenant.

5 - I removed the __tenant header once more and sent 1 as password, I got a warning about invalid credentials.

6 - I set password to ABP default admin password, and get the access_token for host site.

As summary, when I set __tenant header, it is cached and until an unsuccessful attempt made, the cache remains still.

Can you confirm that?

Thanks

  • ABP Framework version: v7.2.1
  • UI Type: Blazor WASM
  • Database System: EF Core (PostgreSQL)
  • Tiered (for MVC) or Auth Server Separated (for Angular): yes (commercial microservices)
  • Exception message and full stack trace:
  • Steps to reproduce the issue: Hello, I want to get a user access token using the password flow. When I post data (client_id, client_secret, grant_type, username, scope, password) to the /connect/token endpoint of authserver, I successfully get the access token of the user for the host site. But I could not figure out how to get an access_token for the tenant site. Is there any way to get an access token by providing tenant_id using the password flow? Thanks.
Made with ❤️ on ABP v8.2.0-preview. Updated on March 25, 2024, 15:11