Activities of "hakan.uskaner"

if i change in value.yaml the blazorServerRootTUrl to http://appmicro-blazor/ i receive this error.

I found in the authserver log:

%20AdministrationService%20SaasService%20AppZeroService&response_mode=form_post&nonce=637948712035798269.MjRiMmYyNTItNDQyYy00OWRhLWJhNmQtNWE3OGFjYTZhYTIyNjk3NzQ0ZjItOTg4My00MDFiLTg4ZjgtZGVlY2Y1YzI4OWVm&state=CfDJ8Ci31Bln9K1LgZ-u_lDlpFK2SM2UsklmfHVnTbauFdVJF2gUeGsYOriyLE7XBaka3FfCPU2ZhOXgdpR-G4mft10a_L3JnE-5vO60SbzNcObPVZHtmIZYe-w5q1vNxEyAAM8e0mA5METBFXzq9lE3DRpRw8mACx2w4gdpcL1Thk0uP__9LHdJ6Pj7ac767jyBqdVpnLjjKGHCeSXuuM5JVGCRevYOKbRIkFj_Ese6EuEnb1_DnVIURGH7YHTeZCxoEpmOsVsDvwNnmGRqGzgwywaF0mqiKbumjNTaSVVx9ES5&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.10.0.0 - - [13:33:23 INF] Invoking IdentityServer endpoint: IdentityServer4.Endpoints.AuthorizeEndpoint for /connect/authorize [13:33:23 ERR] Invalid redirect_uri: http://appmicro-blazor/signin-oidc {"ClientId": "AppMicro_BlazorServer", "ClientName": "AppMicro_BlazorServer", "RedirectUri": null, "AllowedRedirectUris": ["https://appmicro-blazor/signin-oidc"], "SubjectId": "3a056698-126f-b069-f8f1-f8d1ee578f27", "ResponseType": null, "ResponseMode": null, "GrantType": null, "RequestedScopes": "", "State": null, "UiLocales": null, "Nonce": null, "AuthenticationContextReferenceClasses": null, "DisplayMode": null, "PromptMode": "", "MaxAge": null, "LoginHint": null, "SessionId": null, "Raw": {"client_id": "AppMicro_BlazorServer", "redirect_uri": "http://appmicro-blazor/signin-oidc", "response_type": "code id_token", "scope": "openid profile role email phone AccountService IdentityService AdministrationService SaasService AppZeroService", "response_mode": "form_post", "nonce": "637948712035798269.MjRiMmYyNTItNDQyYy00OWRhLWJhNmQtNWE3OGFjYTZhYTIyNjk3NzQ0ZjItOTg4My00MDFiLTg4ZjgtZGVlY2Y1YzI4OWVm", "state": "CfDJ8Ci31Bln9K1LgZ-u_lDlpFK2SM2UsklmfHVnTbauFdVJF2gUeGsYOriyLE7XBaka3FfCPU2ZhOXgdpR-G4mft10a_L3JnE-5vO60SbzNcObPVZHtmIZYe-w5q1vNxEyAAM8e0mA5METBFXzq9lE3DRpRw8mACx2w4gdpcL1Thk0uP__9LHdJ6Pj7ac767jyBqdVpnLjjKGHCeSXuuM5JVGCRevYOKbRIkFj_Ese6EuEnb1_DnVIURGH7YHTeZCxoEpmOsVsDvwNnmGRqGzgwywaF0mqiKbumjNTaSVVx9ES5", "x-client-SKU": "ID_NETSTANDARD2_0", "x-client-ver": "6.10.0.0"}, "$type": "AuthorizeRequestValidationLog"} [13:33:23 ERR] Request validation failed

But if i look into the db i only see the urls as https:

What i am missing ?

if blazorServerRootTUrl is https i get the error before this post.

i also tried without luck to add this for selfsigned certs to AddAuthentication :

// Added for selfsigend certificate options.BackchannelHttpHandler = new HttpClientHandler { ServerCertificateCustomValidationCallback = delegate { return true; } };

Answer

I do really like your docker and tye integration. This works great. But i don't like your kubernetes integration so far. i did face a lot of issues, and still have some.

To improve that for future:

Please implement with every new release a test in which you ensure that the charts/templates/values fit your new code version. That way you can catch up errors that only error during kubernetes execution. For us as cutomer you would deliver a more stable reliable product.

Edit: Example: Together with my post before you could implement that as new Task for the commercial part in your eshoponabp github repo

Answer

Hi,

to be able to participate with speed of development at community site of abp it would be great if you could implement a parameter "upgrade-to-pro" for abp cli. The abp cli would use the free available examples as base and could upgrade them to a commercial version. That way a paying customer we would have a great effort. !

This would work like this (for example on eshoponabp):

  • Clone free eshoponabp from Github
  • Upgrade to commercial modules , adding abp pro specific modules etc ( like the current microservice-template-pro)

To enable debug logging i needed to override the SerilogConfigurationHelper in Shared.Hosting.AspNetCore Project. Otherwise the modules doesn't use any setting so far from appsettings.json for logging.

And i also removed the dbmigrator chart from the k8s folder, because it writes redirect uris in the DB with localhost setting, and i would like to be able to use both version (localhost and kubernetes). i will check the chart later.

i did find that in the blazor server logs:

[21:32:11 INF] Request starting HTTP/1.1 GET http://appmicro-blazor/account/login?returnUrl=https%3A%2F%2Fappmicro-blazor%2Fclients%2Foverview - - [21:32:11 DBG] The request is insecure. Skipping HSTS header. [21:32:11 DBG] The request path /account/login does not match a supported file type [21:32:11 DBG] 2 candidate(s) found for the request path '/account/login' [21:32:11 DBG] Endpoint 'AppMicro.Blazor.Controllers.AccountController.Login (AppMicro.Blazor)' with route pattern '{controller=Home}/{action=Index}/{id?}' is valid for the request path '/account/login' [21:32:11 DBG] Endpoint 'Fallback {*path:nonfile}' with route pattern '{*path:nonfile}' is valid for the request path '/account/login' [21:32:11 DBG] Request matched endpoint 'AppMicro.Blazor.Controllers.AccountController.Login (AppMicro.Blazor)' [21:32:11 DBG] AuthenticationScheme: Cookies was not authenticated. [21:32:11 INF] Executing endpoint 'AppMicro.Blazor.Controllers.AccountController.Login (AppMicro.Blazor)' [21:32:11 INF] Route matched with {action = "Login", controller = "Account", area = "", page = ""}. Executing controller action with signature Microsoft.AspNetCore.Mvc.ActionResult Login(System.String, System.String) on controller AppMicro.Blazor.Controllers.AccountController (AppMicro.Blazor). [21:32:11 DBG] Execution plan of authorization filters (in the following order): ["Volo.Abp.AspNetCore.Mvc.AntiForgery.AbpAutoValidateAntiforgeryTokenAuthorizationFilter"] [21:32:11 DBG] Execution plan of resource filters (in the following order): ["Microsoft.AspNetCore.Mvc.ViewFeatures.Filters.SaveTempDataFilter"] [21:32:11 DBG] Execution plan of action filters (in the following order): ["Microsoft.AspNetCore.Mvc.Filters.ControllerActionFilter (Order: -2147483648)", "Microsoft.AspNetCore.Mvc.ModelBinding.UnsupportedContentTypeFilter (Order: -3000)", "Volo.Abp.AspNetCore.Mvc.GlobalFeatures.GlobalFeatureActionFilter", "Volo.Abp.AspNetCore.Mvc.Auditing.AbpAuditActionFilter", "Volo.Abp.AspNetCore.Mvc.Response.AbpNoContentActionFilter", "Volo.Abp.AspNetCore.Mvc.Features.AbpFeatureActionFilter", "Volo.Abp.AspNetCore.Mvc.Validation.AbpValidationActionFilter", "Volo.Abp.AspNetCore.Mvc.Uow.AbpUowActionFilter"] [21:32:11 DBG] Execution plan of exception filters (in the following order): ["Volo.Abp.AspNetCore.Mvc.ExceptionHandling.AbpExceptionFilter"] [21:32:11 DBG] Execution plan of result filters (in the following order): ["Microsoft.AspNetCore.Mvc.ViewFeatures.Filters.SaveTempDataFilter"] [21:32:11 DBG] Executing controller factory for controller AppMicro.Blazor.Controllers.AccountController (AppMicro.Blazor) [21:32:11 DBG] Executed controller factory for controller AppMicro.Blazor.Controllers.AccountController (AppMicro.Blazor) [21:32:11 DBG] Attempting to bind parameter 'returnUrl' of type 'System.String' ... [21:32:11 DBG] Attempting to bind parameter 'returnUrl' of type 'System.String' using the name 'returnUrl' in request data ... [21:32:11 DBG] Done attempting to bind parameter 'returnUrl' of type 'System.String'. [21:32:11 DBG] Done attempting to bind parameter 'returnUrl' of type 'System.String'. [21:32:11 DBG] Attempting to validate the bound parameter 'returnUrl' of type 'System.String' ... [21:32:11 DBG] Done attempting to validate the bound parameter 'returnUrl' of type 'System.String'. [21:32:11 DBG] Attempting to bind parameter 'returnUrlHash' of type 'System.String' ... [21:32:11 DBG] Attempting to bind parameter 'returnUrlHash' of type 'System.String' using the name '' in request data ... [21:32:11 DBG] Could not find a value in the request with name '' for binding parameter 'returnUrlHash' of type 'System.String'. [21:32:11 DBG] Done attempting to bind parameter 'returnUrlHash' of type 'System.String'. [21:32:11 DBG] Done attempting to bind parameter 'returnUrlHash' of type 'System.String'. [21:32:11 DBG] Attempting to validate the bound parameter 'returnUrlHash' of type 'System.String' ... [21:32:11 DBG] Done attempting to validate the bound parameter 'returnUrlHash' of type 'System.String'. [21:32:11 ERR] Invalid RedirectUrl: https://appmicro-blazor/clients/overview, Use AppUrlProvider to configure it! [21:32:11 INF] Executing ChallengeResult with authentication schemes (["oidc"]). [21:32:11 INF] Executed action AppMicro.Blazor.Controllers.AccountController.Login (AppMicro.Blazor) in 6.3267ms [21:32:11 INF] Executed endpoint 'AppMicro.Blazor.Controllers.AccountController.Login (AppMicro.Blazor)' [21:32:11 ERR] An unhandled exception has occurred while executing the request. System.InvalidOperationException: IDX20803: Unable to obtain configuration from: 'https://appmicro-authserver/.well-known/openid-configuration'. ---> System.IO.IOException: IDX20804: Unable to retrieve document from: 'https://appmicro-authserver/.well-known/openid-configuration'. ---> System.Net.Http.HttpRequestException: Connection refused (appmicro-authserver:443) ---> System.Net.Sockets.SocketException (111): Connection refused

if open the url https://appmicro-authserver/.well-known/openid-configuration in webbrowser it works, but not within blazor

the above log is from blazor. i did check the auth log. it does not contain any errors. i also tried to set Logging in Both Blazor and Server to Debug, but this doesn‘t seem to be regognized.

i did also check the gateway logs and didn‘t found something.

one thing to mention: the url ist https://appmicro-blazor/auth/login which fails with 500.

Where can i enable debug logging (in auth module is already microsoft.idenity.. ShowPII added)

If i try to login in the blazor app the authentications fails with internal error 500. i did not find much about that error:

blazor-server.log: [14:20:46 INF] Request finished HTTP/1.1 GET http://appmicro-blazor/Themes/Lepton/Global/assets/fonts/poppins-v6-latin-600.woff2 - - - 304 - font/woff2 0.5253ms [14:20:46 INF] Executing endpoint 'Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController.Index (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared)' [14:20:46 INF] Route matched with {action = "Index", controller = "Error", area = "", page = ""}. Executing controller action with signature System.Threading.Tasks.Task`1[Microsoft.AspNetCore.Mvc.IActionResult] Index(Int32) on controller Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared). [14:20:46 INF] Executing ViewResult, running view ~/Views/Error/404.cshtml. [14:20:46 WRN] The cookie 'XSRF-TOKEN' has set 'SameSite=None' and must also set 'Secure'. [14:20:46 INF] Authorization failed. These requirements were not met: PermissionRequirement: SettingManagement.Emailing [14:20:46 INF] Authorization failed. These requirements were not met: PermissionRequirement: AbpIdentity.SettingManagement [14:20:46 INF] Authorization failed. These requirements were not met: PermissionRequirement: LeptonThemeManagement.Settings [14:20:46 INF] Authorization failed. These requirements were not met: PermissionRequirement: AbpAccount.SettingManagement [14:20:46 INF] Executed ViewResult - view ~/Views/Error/404.cshtml executed in 11.1565ms. [14:20:46 INF] Executed action Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController.Index (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared) in 16.2938ms [14:20:46 INF] Executed endpoint 'Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController.Index (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared)' [14:20:46 INF] Request finished HTTP/1.1 GET http://appmicro-blazor/Error?httpStatusCode=404 - - - 404 - text/html;+charset=utf-8 17.4042ms

I did forgot to rebuild the images. you were right.

And i also needed to modify the blazor-deployment.yaml (added .authserver) because otherwise the clientid etc were missing:

    - name: "AuthServer__ClientId"
      value: "{{ .Values.config.authServer.clientId }}"
    - name: "AuthServer__ClientSecret"
      value: "{{ .Values.config.authServer.clientSecret }}"             

After that Blazor runs . I will check if i get some more errors in other components

i did remove the https redirection in gateways modules and check auth modulle. everything fine now.

Changing the gatewayUr to l: https://appmicro-gateway-web/ (trailing slash at the end) and the auth server to https solved the mixed content error (Nr.3 above).. I can now authenticate succefull through swagger. Great

What do you think about my yaml files above for blazor. Blazor is still not accessible due error 500. How to solve that ?

and yes, the gateway is running at port 80. To what should i change it ?

Hi,

i did face a lot of issues so far for getting a microservice solution run in kubernetes:

  • after adding a new microservice to the microservice soltuion there was "app.useCors()" missing in the new module
  • i also needed to add "app.UseStaticFiles" to the gateway module to prevent the error "abp.js is missing" when running in kubernetes
  • i also got the error that the authetication with swagger failed. i needed to change App.UseSwagerUI to app.UseAbpSwaggerUi in all services to prevent that

As you could see so far there are a lot things to care about to get it work in kubernetes.

let get through the three point i have three points left:

1. Blazor charts: my current deployment for blazor is already based on the web chart. My file look like this:

for blazor from values.yaml:

blazor: config: selfUrl: https://appmicro-blazor gatewayUrl: https://appmicro-gateway-web authServer: authority: http://appmicro-authserver requireHttpsMetadata: "false" clientId: AppMicro_BlazorServer clientSecret: "1q2w3e*" dotnetEnv: Staging redisHost: appmicro-redis rabbitmqHost: appmicro-rabbitmq elasticsearchUrl: http://appmicro-elasticsearch ingress: host: appmicro-blazor tlsSecret: appmicro-tls image: repository: mycompany/appmicro-app-blazor-server tag: latest pullPolicy: IfNotPresent

I did check that the appmicro-tls is present (just like in eshoponabp)

blazor-deployment.yaml:

apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Release.Name }}-{{ .Chart.Name }} spec: selector: matchLabels: app: {{ .Release.Name }}-{{ .Chart.Name }} template: metadata: labels: app: {{ .Release.Name }}-{{ .Chart.Name }} spec: containers:

  • image: {{ .Values.image.repository }}:{{ .Values.image.tag }} imagePullPolicy: {{ .Values.image.pullPolicy }} name: {{ .Release.Name }}-{{ .Chart.Name }} ports:
  • name: http containerPort: 80
  • name: https containerPort: 443 env:
  • name: App__SelfUrl value: "{{ .Values.config.selfUrl }}"
  • name: RemoteServices__Default__BaseUrl value: "{{ .Values.config.gatewayUrl }}"
  • name: "AuthServer__Authority" value: "{{ .Values.config.authServer.authority }}"
  • name: "AuthServer__RequireHttpsMetadata" value: "{{ .Values.config.authServer.requireHttpsMetadata }}"
  • name: "AuthServer__ClientId" value: "{{ .Values.config.clientId }}"
  • name: "AuthServer__ClientSecret" value: "{{ .Values.config.clientSecret }}"
  • name: "DOTNET_ENVIRONMENT" value: "{{ .Values.config.dotnetEnv }}"
  • name: "Redis__Configuration" value: "{{ .Values.config.redisHost }}"
  • name: "StringEncryption__DefaultPassPhrase" value: "{{ .Values.config.stringEncryptionDefaultPassPhrase }}"
  • name: "RabbitMQ__Connections__Default__HostName" value: "{{ .Values.config.rabbitmqHost }}"
  • name: "ElasticSearch__Url" value: "{{ .Values.config.elasticsearchUrl }}" {{- if .Values.env }} {{ toYaml .Values.env | indent 8 }} {{- end }}

blazor-ingress.yaml:

apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: {{ .Release.Name }}-{{ .Chart.Name }}-ingress annotations: kubernetes.io/ingress.class: "nginx" nginx.ingress.kubernetes.io/rewrite-target: / nginx.ingress.kubernetes.io/force-ssl-redirect: "true" nginx.ingress.kubernetes.io/proxy-buffer-size: 32k nginx.ingress.kubernetes.io/proxy-buffers-number: "8" cert-manager.io/cluster-issuer: letsencrypt spec: tls:

  • hosts:
  • {{ .Values.ingress.host }} secretName: {{ .Values.ingress.tlsSecret }} rules:
  • host: "{{ .Values.ingress.host }}" http: paths:
  • path: / pathType: Prefix backend: service: name: {{ .Release.Name }}-{{ .Chart.Name }} port: number: 80

blazor-ingress.yaml:

apiVersion: v1 kind: Service metadata: labels: name: {{ .Release.Name }}-{{ .Chart.Name }} name: {{ .Release.Name }}-{{ .Chart.Name }} spec: ports:

  • name: "80" port: 80
  • name: "443" port: 443 selector: app: {{ .Release.Name }}-{{ .Chart.Name }}

I have currently no blazor-configmap.yaml like in the web chart. do i need this also ? How about the files above ? can you check them ?

2. I do receive a error 500 while accessing the blazor page. Here is the log:

[08:54:39 INF] Request finished HTTP/1.1 GET http://appmicro-blazor/ - - - 500 0 - 109.9219ms [10:57:06 INF] Request starting HTTP/1.1 GET http://appmicro-blazor/ - - [10:57:06 WRN] Could not find IdentityClientConfiguration for AbpMvcClient. Either define a configuration for AbpMvcClient or set a default configuration. [10:57:06 INF] Start processing HTTP request GET https://appmicro-gateway-web/api/abp/application-configuration?api-version=1.0 [10:57:06 INF] Sending HTTP request GET https://appmicro-gateway-web/api/abp/application-configuration?api-version=1.0 [10:57:06 ERR] Connection id "0HMJFLMHOPT56", Request id "0HMJFLMHOPT56:00000002": An unhandled exception was thrown by the application. Volo.Abp.Http.Client.AbpRemoteCallException: An error occurred during the ABP remote HTTP request. (Connection refused (appmicro-gateway-web:443)) See the inner exception for details. ---> System.Net.Http.HttpRequestException: Connection refused (appmicro-gateway-web:443) ---> System.Net.Sockets.SocketException (111): Connection refused at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.ThrowException(SocketError error, CancellationToken cancellationToken) at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.System.Threading.Tasks.Sources.IValueTaskSource.GetResult(Int16 token) at System.Net.Sockets.Socket.g__WaitForConnectWithCancellation|277_0(AwaitableSocketAsyncEventArgs saea, ValueTask connectTask, CancellationToken cancellationToken) at System.Net.Http.HttpConnectionPool.ConnectToTcpHostAsync(String host, Int32 port, HttpRequestMessage initialRequest, Boolean async, CancellationToken cancellationToken) --- End of inner exception stack trace ---

3. I still receive an error during authentification with swagger about Mixed Content. I did find post to that but couldn't solve it so far:

I did try to modify both gateways like in this post: https://support.abp.io/QA/Questions/3027/Mircoservice-k8s-deploy--AccountLogin-show-IDX20803-error

app.Use(async (ctx, next) => { if (ctx.Request.Headers.ContainsKey("from-ingress")) { ctx.Request.Scheme = "https"; return next(); }

return next();

But so far i couldn't solve that..

So now you should have detailed information to help. Hope we could solve this soon. I really need this, because people are waiting for me to finish this task.

Hi, its Blazor Server not Wasm.

I really need this, because i need to publish that solution internally for further test as soons as possible. So when do you expect to update them ? can you provide me a working sample with blazor server or the etc/k8s folder ?

Showing 11 to 20 of 67 entries
Made with ❤️ on ABP v9.1.0-rc.1. Updated on January 17, 2025, 14:13