Activities of "Mehmet"

Hello,

It seems a problem. Can you share the access token and refresh token response?

Answer

Hi,

For some technical reasons, we have used innerHtml for the columns of the extensible table component. No vulnerability in this case. You cannot inject any script. Angular sanitizes it by default.

Thanks!

Here is the guide for custom login & register pages for v4.4+: https://gist.github.com/mehmet-erim/dac82931935a465a48802447de501032

Hello,

It is already done: https://github.com/abpframework/abp/commit/86b8f952eecfc6a109ab91e1bf39983b50e7c9f6#diff-835f2b3fd6817076674e0a6599617b07b015b34849235b20017ee0601206a3b8

You need to update your project to v4.4.4 at least. Thanks!

Hello @talhazengin

We've created an internal issue. We'll let you know when it is resolved. Thanks for the repoting!

Please see the comment below to fix problem temporarily: https://github.com/abpframework/abp/issues/10743#issuecomment-981394068

Hello,

The problem is related to @ng-bootstrap/ng-bootstrap package. We're working on this. You can follow this issue: https://github.com/abpframework/abp/issues/10743

I'll notify you when the problem is resolved. Thanks!

Hi,

In Angular side, we've used the angular-oauth2-oidc package to manage authorization code flow. As I know, there is no such package for the React Native. I do not know how can you achieve that but I can briefly explain the how code flow works:

  1. We execute initCodeFlow method of the OAuthService to navigate user to login page.
  2. OAuthService redirects to the IDS's page (url is like this: https://localhost:44305/connect/authorize?response_type=code&client_id=MyProjectName_App&state=R0xMQzR-NnkwbVgxMm8tOHozNVNLN2J5ZzBNfmN0eWxKQnloSUtIR2guWFFn&redirect_uri=https://commercial-demo.abp.io/index.html&scope=openid%20AbpCommercialDemo&code_challenge=coxrGgGtjvVVsX-ZrC3UU8nh9i1iUaUNKUXmcbKy3Yg&code_challenge_method=S256&nonce=R0xMQzR-NnkwbVgxMm8tOHozNVNLN2J5ZzBNfmN0eWxKQnloSUtIR2guWFFn)
  3. IDS redirects to login page (url is like this: https://localhost:44305/Account/Login?ReturnUrl=/connect/authorize/callback?response_type=code&client_id=MyProjectName_App&state=R0xMQzR-NnkwbVgxMm8tOHozNVNLN2J5ZzBNfmN0eWxKQnloSUtIR2guWFFn&redirect_uri=https%3A%2F%2Fcommercial-demo.abp.io%2Findex.html&scope=openid%20AbpCommercialDemo&code_challenge=coxrGgGtjvVVsX-ZrC3UU8nh9i1iUaUNKUXmcbKy3Yg&code_challenge_method=S256&nonce=R0xMQzR-NnkwbVgxMm8tOHozNVNLN2J5ZzBNfmN0eWxKQnloSUtIR2guWFFn)
  4. If login is successfull, IDS redirects to Angular app back (redirection url: http://localhost:4200?code=94DFAD919F8645959A13EC08E79636DEE658ECB11D3D654F8D0DEAC7BC14E605&scope=openid%20MyProjectName&state=R0xMQzR-NnkwbVgxMm8tOHozNVNLN2J5ZzBNfmN0eWxKQnloSUtIR2guWFFn&session_state=Hp45_ZHnuI2DJvBHfiqDilY-900FQmYAchPNm08yJ4o.6689B8D57ADA3BA44B02B792137710FA)
  5. angular-oauth2-oidc package performs a POST request: URL: https://localhost:44305/connect/token Body (form data): grant_type=authorization_code&code=94DFAD919F8645959A13EC08E79636DEE658ECB11D3D654F8D0DEAC7BC14E605&redirect_uri=https://commercial-demo.abp.io/index.html&code_verifier=U2Q1eExVY2I2ODVkQXZSY2VmeGFIZ3FxUXlfeFRRaU0ubFloRmFPSFdYTWFR&client_id=MyProjectName_App Response: {"id_token":"id token shortened for brevity","access_token":"access token shortened for brevity","expires_in":31536000,"token_type":"Bearer","scope":"openid AbpCommercialDemo"}

You should examine the angular-oauth2-oidc package's source code for the details.

Unfortunately, there is no way to control HTTP client options. What I suggest is when you create a proxy, move the generated files to another folder and modify them.

As for api name, you can pass --api-name option to generate-proxy command. Please see the document below for more information: https://docs.abp.io/en/abp/latest/CLI#generate-proxy

Hi @moustafa,

See the proxy generation README.md content:

# Proxy Generation Output

This directory includes the output of the latest proxy generation.
The files and folders in it will be overwritten when proxy generation is run again.
Therefore, please do not place your own content in this folder.

In addition, `generate-proxy.json` works like a lock file.
It includes information used by the proxy generator, so please do not delete or modify it.

Finally, the name of the files and folders should not be changed for two reasons:
- Proxy generator will keep creating them at those paths and you will have multiple copies of the same content.
- ABP Suite generates files which include imports from this folder.

> **Important Notice:** If you are building a module and are planning to publish to npm,
> some of the generated proxies are likely to be exported from public-api.ts file. In such a case,
> please make sure you export files directly and not from barrel exports. In other words,
> do not include index.ts exports in your public-api.ts exports.

If you change any generated code via ABP CLI's generate-proxy command, you need to move that out of the proxy folder.

Showing 11 to 20 of 258 entries
Made with ❤️ on ABP v9.1.0-rc.1. Updated on January 17, 2025, 14:13